Cisco IP Sec

crypto isakmp policy 2
authentication pre-share

crypto isakmp key cisco123 address 172.16.1.1

crypto ipsec transform-set ASA-IPSEC esp-des esp-sha-hmac

crypto map SDM_CMAP_1 1 ipsec-isakmp description Tunnel to172.16.1.1
set peer 172.16.1.1
set transform-set ASA-IPSEC
match address 100
interface FastEthernet0
ip address 172.17.1.1 255.255.255.0
duplex auto
speed auto
crypto map SDM_CMAP_1
access-list 100 remark SDM_ACL Category=4 access-list 100 remark IPSec Rule access-list 100 permit ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255
!
!
!
!--- This ACL 110 identifies the traffic flows using route map
access-list 110 deny ip 10.20.10.0 0.0.0.255 10.10.10.0 0.0.0.255 access-list 110 permit ip 10.20.10.0 0.0.0.255 any route-map nonat permit 10 match ip address 110
debug crypto isakmp
debug crypto ipsec
show crypto isakmp sa
show crypto ipsec sa

terminal monitor
terminal no monitor

clear crypto ipsec ?
clear crypto isakmp

Comments

Post a Comment

Popular posts from this blog

VIOS TIPs

HMC image locates: /extra/viosimages/2.2.3.4 To install VIO server from HMC: installios To erase the previous setting: installios -u hscroot@P7504HMC:~> cat /etc/nimol.conf # nimol.conf file NIMOL_SERVER 9.22.217.30 ORIGINAL_FILES_DIR /var/tmp/nimol_original RPCBIND_STARTED yes NFS_STARTED yes REMOTE_ACCESS_METHOD /usr/bin/rsh NIMOL_TFTPBOOT /tftpboot TFTP_ENABLED yes REMOTE_SYSLOG_ENABLED yes HMC_SYSLOG_CONF_MODIFIED yes NIMOL_SYSLOG_FACILITY local2 NIMOL_SUBNET 9.22.217.0 NIMOL_BOOTREPLYD yes LABEL default1 /extra/default1 processing hscroot@P7504HMC:~>  installios -F -e -R default1 Logging session output to /tmp/installios.24173.log. nimol_config WARNING: error from command /bin/awk nimol_config MESSAGE: Executed /usr/sbin/exportfs -ua. nimol_config MESSAGE: Executed /usr/sbin/exportfs -a. nimol_config MESSAGE: Removed /tftpboot/default1.chrp.mp.ent. nimol_config MESSAGE: Removed /extra/default1. nimol_config MESSAGE: Removed "LABEL default
Read more

Configure Solaris 10 LDOM on Solaris 11.4

root@comglv1:~# ldm add-memory 16G htcsun1 root@comglv1: # zfs destroy zones cannot destroy 'zones': operation does not apply to pools use 'zfs destroy -r zones' to destroy all datasets in the pool use 'zpool destroy zones' to destroy the pool itself root@comglv1: # zfs destroy -r zones root@comglv1: # zpool create LDOM mirror c0t5000CCA03C0E89D8d0s0 c0t5000CCA03C2F3BB4d0s0 root@comglv1: # zfs create LDOM/htcsun1 root@comglv1: # zfs create -V 150g LDOM/htcsun1/disk0 root@comglv1: # ldm rm-vdisk vdisk0 htcsun1 root@comglv1: # ldm rm-vdsdev htcsun1-vd0@primary-vds0 root@comglv1: # ldm rm-vdsdev  vol0@primary-vds0 root@comglv1: # ldm rm-vdsdev iso@primary-vds0 root@comglv1: # add-vdsdev options=ro sol-10-u11-ga-sparc-dvd.iso htcsun1-iso@primary-vds0 root@comglv1: # ldm add-vdsdev /dev/zvol/dsk/LDOM/htcsun1/disk0 htcsun1-vd0@primary-vds0 root@comglv1: # ldm add-vdisk vdisk0 htcsun1-vd0@primary-vds0 htcsun1
Read more

Change P410i from HBA mode to Raid mdoe

fs0:\> dir Directory of: fs0:\   03/07/13  10:44a            1,492,736  0126.bin   03/07/13  10:44a                  953  fwupdate.nsh   03/07/13  10:44a            4,194,304  sandman_578b0.bin   03/07/13  10:44a              452,096  saupdate.efi   12/03/12  10:12a               12,792  .psafe3   03/07/13  10:38a <DIR>          4,096  .Trash-500           5 File(s)   6,152,881 bytes           1 Dir(s) fs0:\> fwupdate.nsh fwupdate.nsh> echo -off ******************************************************************************** ****                                                                        **** ****                        IO CARD FIRMWARE UPDATE                         **** ****            (c) Copyright Hewlett-Packard Company, 2001-2012            **** ****                          All rights reserved.                          **** ****                                                                        **** ****                                         
Read more