Sophos-asa-psk: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
David (Diskussion | Beiträge) |
David (Diskussion | Beiträge) |
||
| Zeile 29: | Zeile 29: | ||
=Sophos Konfigurieren= | =Sophos Konfigurieren= | ||
| + | ==neue Richtlinen anlegen== | ||
| + | *Site-to-Site-VPN | ||
| + | **IPsec | ||
| + | ***Richtlinen | ||
| + | ****Neue IPsec-Richtlinen | ||
| + | [[Datei:asa-sop4.png]] | ||
| + | |||
| + | ==gw einrichten== | ||
*Site-to-Site-VPN | *Site-to-Site-VPN | ||
**IPsec | **IPsec | ||
Version vom 20. September 2016, 10:07 Uhr
Die asa konfigurieren
configure terminal crypto ikev1 policy 10 authentication pre-share encryption aes-256 hash md5 group 2 lifetime 28800 crypto ikev1 enable if-outside configure terminal access-list acl-asa-sop extended permit ip 192.168.3.0 255.255.255.0 10.2.2.0 255.255.255.0 crypto isakmp identity address crypto isakmp enable if-outside crypto ipsec transform-set AES256-MD5 esp-aes-256 esp-md5-hmac crypto map vpn-asa-sop 10 match address acl-asa-sop crypto map vpn-asa-sop 10 set pfs group5 crypto map vpn-asa-sop 10 set peer 192.168.2.199 crypto map vpn-asa-sop 10 set ikev1 transform-set AES256-MD5 crypto map vpn-asa-sop interface if-outside tunnel-group 192.168.2.199 type ipsec-l2l tunnel-group 192.168.2.199 ipsec-attributes pre-shared-key sysadm object network no-nat subnet 10.2.2.0 255.255.255.0 nat (if-inside,if-outside) source static obj-lan obj-lan destination static no-nat no-nat
Sophos Konfigurieren
neue Richtlinen anlegen
- Site-to-Site-VPN
- IPsec
- Richtlinen
- Neue IPsec-Richtlinen
- Richtlinen
- IPsec
gw einrichten
- Site-to-Site-VPN
- IPsec
- Entferntes-Gateway
- Neues entferntes Gateway
- Entferntes-Gateway
- IPsec
- Site-to-Site-VPN
- IPsec
- Verbindungen
- Neue IPsec-Verbindung
- Verbindungen
- IPsec