CCNA VPN

Laboratório VPN Site-to-Site!

O que é VPN?

Tipos de VPN

Site to Site (p2p)

Remote Access

SSL

VPN Tunelada (Tunnel)

Framwork IPSec

Autenticação (Authentication)

Confidencialidade (Criptografia Simétrica + Cypher)

Integridade (Hash)

Troca de Chaves (Diff Helman)

Laboratório VPN Site-to-Site

![](LAB VPN.jpg “LAB VPN.jpg”)

Roteador A

Configurações

ISAKMP Policy

crypto isakmp policy 10
 encr 3des
 authentication pre-share

Configuranço o Peer e a senha

crypto isakmp key cisco123 address 172.17.1.1

Transformation Set

crypto ipsec transform-set set esp-3des esp-sha-hmac

Crypto Map - Tráfego interessante

crypto map vpnmap 10 ipsec-isakmp
 set peer 172.17.1.1
 set transform-set set
 match address acl_vpn

Configurando o Crypto map na interface

interface Serial0/0/0
 ip address 172.16.1.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 crypto map vpnmap

Identificando o tráfego interessante

ip access-list extended acl_vpn
 permit ip 10.10.10.0 0.0.0.255 10.20.10.0 0.0.0.255

Config Roteador B

ISAKMP Policy

crypto isakmp policy 10
 encr 3des
 authentication pre-share

Configuranço o Peer e a senha

crypto isakmp key cisco123 address 172.16.1.1

Transformation Set

crypto ipsec transform-set set esp-3des esp-sha-hmac

Crypto Map - Tráfego interessante

crypto map vpnmap 10 ipsec-isakmp
 set peer 172.16.1.1
 set transform-set set
 match address acl_vpn

Configurando o Crypto map na interface

interface Serial0/0/0
 ip address 172.17.1.1 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 crypto map vpnmap

Identificando o tráfego interessante

ip access-list extended acl_vpn
 permit ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255

Arquivos

  • Running-Config Internet
  • Running-Config Roteador A
  • Running-Config Roteador B

Category:Cisco Category:CCNA