[[ipsec:swan-cisco]]
Trace: swan-cisco
Show pagesource
AdminRecent ChangesSitemap

Freeswan & Cisco

See this

Cisco stuff (PSK model)

 crypto ipsec transform-set hacker esp-aes-256 esp-sha-hmac 
 crypto dynamic-map dynmap 20 set transform-set hacker
 crypto map hacker 10 ipsec-isakmp
 crypto map hacker 10 match address IPSEC_hackers
 crypto map hacker 10 set peer 111.111.111.111
 crypto map hacker 10 set transform-set hackerZ
 crypto map hacker 20 ipsec-isakmp dynamic dynmap
 crypto map hacker client authentication LOCAL
 crypto map hacker interface outside
 isakmp enable outside
 isakmp key ******** address 111.111.111.111 netmask 255.255.255.255 no-xauth no-config-mode 
 isakmp identity address
 isakmp nat-traversal 20
 isakmp policy 10 authentication pre-share
 isakmp policy 10 encryption aes-256
 isakmp policy 10 hash sha
 isakmp policy 10 group 1
 isakmp policy 10 lifetime 86400
 isakmp policy 20 authentication pre-share
 isakmp policy 20 encryption 3des
 isakmp policy 20 hash md5
 isakmp policy 20 group 2
 isakmp policy 20 lifetime 86400
 vpngroup crm525gp address-pool vpnpool
 vpngroup crm525gp idle-time 1800
 vpngroup crm525gp max-time 86400
 vpngroup crm525gp password ********
 vpngroup helpgrp address-pool vpnpool2
 vpngroup helpgrp idle-time 1800
 vpngroup helpgrp max-time 86400
 vpngroup helpgrp password ********
ipsec/swan-cisco.txt · Last modified: 2009/05/25 00:35 (external edit)
Show pagesourceOld revisions
Media ManagerBack to top
CC Attribution-Share Alike 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0 ipv6 ready