ip address 10.0.1.1 255.255.255.192 secondary
ip nat outside
ip access-group 1 out
clockrate 48000
!
interface async 0/0
!
router rip
network 192.168.98.0
network 10.0.0.0
!
line vty 0 4
login
password 7 o2EUq2a6AFiY4D
!
ip nat pool overload 10.0.1.1 10.0.1.1 netmask 255.255.255.192
ip nat inside source list 1 pool overload overload
!
access-list 1 permit 192.168.98.62 0.0.0.255
access-list 1 permit 10.0.0.2 0.0.0.255
!
end
5.3 VPN - IPSec
IPSec is the mechanism that secures the VPN (Virtual Private Network). The IPSec protocol suite includes AH (Authentication Header), ESP (Encapsulating Security Payload), IKE (Internet Key Exchange), ISAKMP and transforms.
The IPSec security architecture provides data confidentiality, data integrity, identity authentication, anti-replay and DoS protection services. The security mechanisms are implemented by the AH (Authentication Header) and ESP (Encapsulating Security Payload) protocols. Key management is implemented by IKE. The peers use the SPI (Security Policy Index) to reference the dynamically negotiated SA (Security Association) that provides data security.
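The SPI lookup and anti-replay service described above, as an added example that is not part of the original manual: a receiver reads the SPI and sequence number from the first eight bytes of an ESP packet, finds the SA by SPI, and rejects sequence numbers it has already seen. The 64-packet window, the SA name and the packets are constructed for illustration.

```python
import struct

WINDOW = 64  # anti-replay window size in packets (assumed value)

class SA:
    """Receive-side state for one SA: highest sequence number and a bitmap of recent ones."""
    def __init__(self, name):
        self.name = name
        self.top = 0      # highest sequence number accepted so far
        self.bitmap = 0   # bit i set => sequence number (top - i) was already seen

    def check_and_update(self, seq):
        if seq == 0:
            return False                      # sequence numbers start at 1
        if seq > self.top:                    # newer packet slides the window forward
            shift = seq - self.top
            self.bitmap = ((self.bitmap << shift) | 1) & ((1 << WINDOW) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= WINDOW:
            return False                      # older than the window covers
        if self.bitmap & (1 << offset):
            return False                      # duplicate of an accepted packet
        self.bitmap |= 1 << offset            # late but new: mark as seen
        return True

def receive(sadb, packet):
    """Return (verdict, sa_name) for one inbound ESP packet."""
    if len(packet) < 8:
        return ("drop: truncated", None)
    spi, seq = struct.unpack("!II", packet[:8])   # ESP header: SPI, then sequence number
    sa = sadb.get(spi)
    if sa is None:
        return ("drop: unknown SPI", None)
    # A real receiver verifies the packet's integrity value before updating the window.
    if not sa.check_and_update(seq):
        return ("drop: replay", sa.name)
    return ("accept", sa.name)

def demo():
    sadb = {0x1001: SA("peer-A")}                 # constructed SA database keyed by SPI
    pkt = lambda spi, seq: struct.pack("!II", spi, seq) + b"\x00" * 16  # constructed packets
    seqs = [(0x1001, 1), (0x1001, 3), (0x1001, 2), (0x1001, 3),
            (0x2002, 1), (0x1001, 100), (0x1001, 3)]
    return [receive(sadb, pkt(s, q))[0] for s, q in seqs]

if __name__ == "__main__":
    print(demo())
```

Out-of-order delivery inside the window (sequence 2 arriving after 3) is accepted; a repeated or too-old sequence number is dropped.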
crypto ipsec transform-set transform-name [transform 1] [transform 2] [transform 3] – defines a transform set, which is a combination of security protocols and algorithms.
mode [tunnel | transport] – specifies the mode for the transform set. The default mode is tunnel.
initialization-vector size [4 | 8] – modifies the length of the initialization vector. The default is 8.