ASDM site to site config:

ASDM site to site config:

by Cyrus Lok on Tuesday, April 6, 2010 at 6:33pm

crypto isakmp enable outside
access-list outside_1_cryptomap line 1 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.248
access-list inside_nat0_outbound line 1 extended permit ip 192.168.1.0 255.255.255.0 10.10.10.0 255.255.255.248
tunnel-group 10.0.0.1 type ipsec-l2l
tunnel-group 10.0.0.1 ipsec-attributes
pre-shared-key cisco
isakmp keepalive threshold 10 retry 2
crypto isakmp policy 10 authen pre-share
crypto isakmp policy 10 encrypt aes
crypto isakmp policy 10 hash sha
crypto isakmp policy 10 group 2
crypto isakmp policy 10 lifetime 86400
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 1 match address outside_1_cryptomap
crypto map outside_map 1 set pfs group2
crypto map outside_map 1 set peer 10.0.0.1
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map interface outside
nat (inside) 0 access-list inside_nat0_outbound tcp 0 0 udp 0

Advertisements
This entry was posted in Security. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s