jackyee
发表于 2004-10-8 00:28:37
今天做了一个RouterOS和Cisco路由器IPSec VPN互连的实验,拓扑结构如下:10.1.1.0/24----RouterOS--192.168.1.18/24 ip ipsec installed-sa print Flags: A - AH, E - ESP, P - pfs, M - manual0 E spi=0x1FC07E86 direction=out src-address=192.168.1.18 dst-address=192.168.1.28 auth-algorithm=sha1 enc-algorithm=des replay=4 state=mature auth-key="88309c224c6ed89360737f9052b8ca3465d73e4a" enc-key="eef065a84c5ae446" add-lifetime=48m/1h use-lifetime=0s/0s lifebytes=38252052/423624704 current-addtime=oct/07/2004 22:59:28 current-usetime=oct/07/2004 22:59:29 current-bytes=51841 E spi=0xD2B7C901 direction=in src-address=192.168.1.28 dst-address=192.168.1.18 auth-algorithm=sha1 enc-algorithm=des replay=4 state=mature auth-key="b8b7144e6cbeb3fc1960452c4da244726ef17dd8" enc-key="9c8fd493ea2da1ec" add-lifetime=48m/1h use-lifetime=0s/0s lifebytes=38252052/423624704 current-addtime=oct/07/2004 22:59:28 current-usetime=oct/07/2004 22:59:29 current-bytes=4960 >
samhui
发表于 2004-10-8 01:34:49
正呀
hippo902
发表于 2004-10-8 13:49:15
请问 local Required Endpoint ID 和 Remote Optional EndpointID 在routeros哪里设置 ?
jackyee
发表于 2004-10-8 16:24:07
QUOTE (hippo902 @ Oct 8 2004, 01:49 PM)
请问 local Required Endpoint ID 和 Remote Optional EndpointID 在routeros哪里设置 ?
在Cisco Router中应该是Access-list中的local和remote网段;在RouterOS中,对应Source Address 和Destination Address, (第三步)。
hippo902
发表于 2004-10-9 10:45:52
QUOTE (jackyee @ Oct 8 2004, 04:24 PM)
QUOTE (hippo902 @ Oct 8 2004, 01:49 PM)
请问 local Required Endpoint ID 和 Remote Optional EndpointID 在routeros哪里设置 ?
在Cisco Router中应该是Access-list中的local和remote网段;在RouterOS中,对应Source Address 和Destination Address, (第三步)。
source Address and destination address 不是IP地址吗???..我问的是endpoint ID...
jackyee
发表于 2004-10-9 10:51:21
local ident (addr/mask/prot/port): (10.1.2.0/255.255.255.0/0/0)remote ident (addr/mask/prot/port): (10.1.1.0/255.255.255.0/0/0)
页:
[1]