Sophos-asa-psk: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
David (Diskussion | Beiträge) |
David (Diskussion | Beiträge) |
||
Zeile 29: | Zeile 29: | ||
=Sophos Konfigurieren= | =Sophos Konfigurieren= | ||
+ | ==neue Richtlinen anlegen== | ||
+ | *Site-to-Site-VPN | ||
+ | **IPsec | ||
+ | ***Richtlinen | ||
+ | ****Neue IPsec-Richtlinen | ||
+ | [[Datei:asa-sop4.png]] | ||
+ | |||
+ | ==gw einrichten== | ||
*Site-to-Site-VPN | *Site-to-Site-VPN | ||
**IPsec | **IPsec |
Version vom 20. September 2016, 10:07 Uhr
Die asa konfigurieren
configure terminal crypto ikev1 policy 10 authentication pre-share encryption aes-256 hash md5 group 2 lifetime 28800 crypto ikev1 enable if-outside configure terminal access-list acl-asa-sop extended permit ip 192.168.3.0 255.255.255.0 10.2.2.0 255.255.255.0 crypto isakmp identity address crypto isakmp enable if-outside crypto ipsec transform-set AES256-MD5 esp-aes-256 esp-md5-hmac crypto map vpn-asa-sop 10 match address acl-asa-sop crypto map vpn-asa-sop 10 set pfs group5 crypto map vpn-asa-sop 10 set peer 192.168.2.199 crypto map vpn-asa-sop 10 set ikev1 transform-set AES256-MD5 crypto map vpn-asa-sop interface if-outside tunnel-group 192.168.2.199 type ipsec-l2l tunnel-group 192.168.2.199 ipsec-attributes pre-shared-key sysadm object network no-nat subnet 10.2.2.0 255.255.255.0 nat (if-inside,if-outside) source static obj-lan obj-lan destination static no-nat no-nat
Sophos Konfigurieren
neue Richtlinen anlegen
- Site-to-Site-VPN
- IPsec
- Richtlinen
- Neue IPsec-Richtlinen
- Richtlinen
- IPsec
gw einrichten
- Site-to-Site-VPN
- IPsec
- Entferntes-Gateway
- Neues entferntes Gateway
- Entferntes-Gateway
- IPsec
- Site-to-Site-VPN
- IPsec
- Verbindungen
- Neue IPsec-Verbindung
- Verbindungen
- IPsec