Toggle navigation
TechnoWikis.com
Email or Username
Password
Remember
Login
Register
|
I forgot my password
All Activity
Questions
Hot!
Pending
Ask a Question
Privacy Policy
Contact
Cisco Router Configuration 831 (Tunnel versus ASA 5500, Access List, NAT)
Home
Tutorials
Networks
Routers
Cisco Router Configuration 831 (Tunnel versus ASA...
(adsbygoogle = window.adsbygoogle || []).push({});
+4
votes
237
views
Cisco Router Configuration 831 (Tunnel versus ASA 5500, Access List, NAT)
asked
Jun 24, 2019
in
Routers
by
backtothefuture
(
552k
points)
reopened
Jun 24, 2019
|
237
views
answer
Your answer
Your name to display (optional):
Email me at this address if my answer is selected or commented on:
Email me if my answer is selected or commented on
Privacy: Your email address will only be used for sending these notifications.
Add answer
Cancel
1
Answer
+5
votes
Best answer
In this tutorial we will develop some basic and not so basic configurations;
taking into account that we already know how to access it with privileges of ENABLE with command knowledge.
We will take as an example a Cisco 800 series equipment, to be more precise a Cisco 831 Router.
--Passwords
Router (config) #service password-encryption
Router (config) #hostname ************ (name we want)
Router (config) #enable secret ************ (enable password)
- Telnet passwords
Router (config) #line with 0
Router (config-line) #password ************ (desired password)
Router (config-line) #login local
Router (config) #line vty 0
Router (config-line) #password ************ (desired password)
Router (config-line) #login local
-
DHCP Server
Configuration
ip dhcp binding cleanup interval 10
ip dhcp excluded-address
10.17.10.1 10.17.10.50
ip dhcp excluded-address
10.17.10.151 10.17.10.254
ip dhcp ping packets 0
ip dhcp pool
GOOD_SAIRES
network
10.17.10.0 255.255.255.0
dns-server
10.16.0.10 10.16.0.8
default-router
10.17.10.254
netbios-name-server 10.16.0.10 10.16.0.8
domain-name
rquagliano.com
read 8
--Quality of service
class-map match-all citrix
match access-group 110
class-map match-all voice
match precedence 5
class-map match-all low priority
match any
QOS policy-map
class voice
priority 25
class citrix
class low priority
bandwidth remaining percent 10
random-detect
- Crypto (configuration of a tunnel against the ASA)
crypto isakmp policy 1
encr 3des
pre-share authentication
group 5
crypto isakmp key
PASSWORS_DEL_TUNEL
address
200.71.236.2
(PEER)
crypto ipsec transform-set trans1 esp-3des esp-sha-hmac
crypto map map 20 ipsec-isakmp
set peer 200.71.236.2
set transform-set trans1
match address
Name_ACCESSLIST
ip access-list extended
ACCESSLIST_name
allow
ip
10.17.1.0 0.0.0.255 10.16.0.0 0.0.255.255
allow
ip
10.0.1.0 0.0.0.255 10.16.0.0 0.0.0.255
allow
ip
10.0.1.0 0.0.0.255 10.17.0.0 0.0.255.255
- Interfaces
Ethernet0 interface
ip address
10.17.10.254 255.255.255.0
no logging event link-status
no cdp log mismatch duplex
no shutdown
Ethernet1 interface
ip address *********** 255.255.255.248
QOS service-policy output
auto duplex
crypto map map
no shutdown
FastEthernet1 interface
no shutdown
no keepalive
FastEthernet2 interface
no shutdown
no keepalive
FastEthernet3 interface
no shutdown
no keepalive
FastEthernet4 interface
no shutdown
no keepalive
ip classless
ip route 0.0.0.0 0.0.0.0 ***. ***. ***. **** (default gateway)
ip http server
ip http local authentication
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
--Aaccess list
ip access-list standard administration
allow 200.71.235.128 0.0.0.15
allow 200.71.238.128 0.0.0.15
allow 10.1.8.0 0.0.0.255
allow 200.71.236.0 0.0.0.7
allow 10.16.0.0 0.0.0.255
--Access list for nateo and internet access
ip access-list extended nat-internet
deny ip 10.0.1.0 0.0.0.255 10.16.0.0 0.0.0.255
deny ip 10.0.1.0 0.0.0.255 10.17.0.0 0.0.255.255
deny ip 10.17.1.0 0.0.0.255 10.16.0.0 0.0.0.255
allow ip 10.0.1.0 0.0.0.255 any
allow ip 10.17.1.0 0.0.0.255 any
--Nat to go online
ip nat inside source list nat-internet interface FastEthernet4 overload
**** DO NOT FORGET THAT IF WE WANT TO DO NAT, WE SHOULD PLACE THE FOLLOWING ****
In the External Interface
ip nat outside
In the Internal Interface
ip nat inside
- Enabling SNMP
snmp-server community public RO
snmp-server enable tty traps
With these commands we can solve the configuration of a tunnel against an ASA 5500. In another tutorial we will explain the other leg of the configuration, the one on the ASA side.
answered
Jun 24, 2019
by
stackoverflow
(
3.5m
points)
ask related question
comment
Your comment on this answer:
Your name to display (optional):
Email me at this address if a comment is added after mine:
Email me if a comment is added after mine
Privacy: Your email address will only be used for sending these notifications.
Add comment
Cancel
Related questions
+5
votes
1
answer
Cisco ASA with NTP
asked
Jun 24, 2019
in
Routers
by
backtothefuture
(
552k
points)
|
388
views
+4
votes
1
answer
How to backup (backup) cisco routers configuration
asked
Jun 23, 2019
in
Routers
by
backtothefuture
(
552k
points)
|
245
views
+5
votes
1
answer
How to reset the password of a Cisco 800 Series Router
asked
Jun 24, 2019
in
Routers
by
backtothefuture
(
552k
points)
|
846
views
+3
votes
1
answer
How to download and install Cisco Packet Tracer Windows 10
asked
Aug 20, 2019
in
Routers
by
backtothefuture
(
552k
points)
|
356
views
+4
votes
1
answer
Cisco Routers Commands
asked
Jun 24, 2019
in
Routers
by
backtothefuture
(
552k
points)
|
214
views
Sponsored articles cost $40 per post. You can contact us via
Feedback
All categories
Tutorials
7.5k
Microsoft
1.9k
Android
1.4k
Security
120
Linux / Unix
543
Internet
757
Virtualization
104
Apple
611
Networks
64
WiFi and ADSL
27
Routers
19
VPN and Routing
8
VPNandRouting
6
WiFiandADSL
2
Wi-FiandADSL
2
Other Devices
321
Other Applications
184
Hardware
19
Development
53
Digital Marketing
47
Databases
14
Graphic Design
30
Guides
794
GraphicDesign
54
Networking
4
PlayStation
186
Gaming
55
Linux/Unix
85
Manzana
33
Otherdevices
38
Otherapps
49
Digitalmarketing
39
Safety
1
Developing
2
Help
685
Social Networks
34
Android Tutorial
549
iPhone Tutorial
267
News
17
Social
6
Phone
11
Telephone
9
Applications
167
Smartphones
3
Cell Phones
11
Applications
25
Travels
6
Photo
21
Education
18
Games
25
Internet
14
Music
8
Technique
10
Video
6
Windows
5
Apple
2
Cell Phones
3
TikTok
216
Trips
2
House
1
Operating System
5
Tips & Tricks
892
Solutions
6
Tutorials
3
FAQ
1
Applications
5
Cell Phones
2
Tutorials
4
Computers
6
Tutoriales
2
8
Technology
2
In Computers
1
In Applications
2
Tutorials Tutorials
9
Applications Applications
25
Aplicaciones Applications
4
Devices Devices
5
Tutoriales Tutorials
1
Tutorials u00a0 Tutorials
2
Applications u00a0 Applications
2
Devices u00a0 Devices
1
OS OS
1
Etc Etc
2
Most popular questions within the last 30 days
Please leave a comment about whether the solution works or not (with device model)
[X]Close
10,659
questions
10,791
answers
510
comments
3
users