wuhao0015 发表于 2020-5-15 12:26
看我下面的案例。。。
crypto isakmp policy 10
encr aes
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
lifetime 28800
crypto isakmp keepalive 10 periodic
crypto isakmp peer address 221.224.248.229 \\这里被配置的时候是crypto isa peer host ipsec1.f3322.net,被自动解析也了IP
set aggressive-mode password 123456
set aggressive-mode client-endpoint fqdn CISCO2911_Router
crypto ipsec transform-set Small_Office esp-3des esp-md5-hmac
mode tunnel
crypto map L2LVPN 10 ipsec-isakmp
set peer ipsec1.f3322.net dynamic
set security-association lifetime seconds 900
set transform-set Small_Office
match address L2LVPN
crypto map L2LVPN
CISCO2911_Router#