一,参考配置


   ×××参数及配置模板如下,请项目组这边确定我端的服务器IP和访问端口,谢谢!

对端公网IP:183.63.82.98

对端内网IP:11.0.223.25 ,端口 13054

本端公网:113.106.93.211

本端服务器地址:192.168.2.220

加密算法:

 encr 3des;   hash sha; group 2;mode tunnel;lifetime 86400

加密算法:

第一阶段:encr 3des;   hash sha; group 2;mode tunnel,lifetime 86400
第二阶段:esp-3des esp-sha-hmac  

预共享密钥:ycsf@gdnybank

对端配置参考:

interface Loopback1  -内网口
 ip address 190.190.190.22 255.255.255.255
 
 
interface Fa stEthernet0/0--外网口
description internet_int
ip address 219.132.79.34 255.255.255.240
ip virtual-reassembly
duplex auto
speed auto
crypto map zjbank
 
crypto isakmp key  ycsf@gdnybank address 183.63.82.98

crypto ipsec transform-set ycsf-set esp-3des esp-sha-hmac

crypto map zjbank 110 ipsec-isakmp
   
set peer 183.63.82.98
set transform-set ycsf-set
match address 110
 
access-list 110 permit ip host 190.190.190.22 host 11.0.223.25
 
crypto isakmp policy 110
encr 3des
hash md5
authentication pre-share
group 2