Codice: Seleziona tutto
crypto isakmp enable outside
access-list remoti_split standard permit host 129.6.75.1
username user01 password *** encrypted privilege 0
username user01 attributes
vpn-group-policy remoti
group-lock value remoti
ip local pool vpn-pool 129.6.75.110-129.6.75.120
group-policy remoti internal
group-policy remoti attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value remoti_split
tunnel-group remoti type ipsec-ra
tunnel-group remoti general-attributes
default-group-policy remoti
address-pool vpn-pool
tunnel-group remoti ipsec-attributes
pre-shared-key 987bdhnksa()0%
crypto isakmp policy 10 authen pre-share
crypto isakmp policy 10 encrypt 3des
crypto isakmp policy 10 hash md5
crypto isakmp policy 10 group 2
crypto isakmp policy 10 lifetime 86400
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-MD5
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp nat-traversal 20
crypto isakmp disconnect-notify
crypto isakmp reload-wait
vpn-sessiondb max-session-limit 10
access-list NAT0-ACL remark *** NAT0 PER VPN CLIENT ***
access-list NAT0-ACL extended permit ip 129.6.75.0 255.255.255.0 129.6.75.0 255.255.255.0
nat (inside) 0 access-list NAT0-ACL
Codice: Seleziona tutto
group-policy DfltGrpPolicy attributes
vpn-idle-timeout none
vpn-simultaneous-logins 10
split-dns value ***.***.loc
dns-server value 129.6.75.100
default-domain value ***.***.loc
banner none
banner value ****************************************************************
banner value ---------------------------------------------------------------
banner value VPN AZIENDALE ***
banner value ---------------------------------------------------------------
banner value WARNING: System is RESTRICTED to authorized personnel ONLY!
banner value Unauthorized use of this system will be logged and
banner value prosecuted to the fullest extent of the law.
banner value If you are NOT authorized to use this system, LOG OFF NOW!
banner value ****************************************************************
Codice: Seleziona tutto
access-list remoti-lan_SPLIT standard permit 129.6.75.0 255.255.255.0
username vpnadmin password *** encrypted privilege 0
username vpnadmin attributes
vpn-group-policy remoti-lan
group-lock value remoti-lan
group-policy remoti-lan internal
group-policy remoti-lan attributes
vpn-tunnel-protocol IPSec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value remoti-lan_SPLIT
tunnel-group remoti-lan type ipsec-ra
tunnel-group remoti-lan general-attributes
default-group-policy remoti-lan
address-pool vpn-pool
tunnel-group remoti-lan ipsec-attributes
pre-shared-key jhbhjabgew765723)=)%
crypto dynamic-map outside_dyn_map 40 set pfs
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-MD5