Technical information
59
IPSec VPN Acceleration Services Module Installation and Configuration Note
78-14459-03 Rev C0
Configuration Examples
Catalyst Switch 1 (Access Port)
The Catalyst switch 1 configuration is as follows (see Figure 13):
!
version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router-1
!
boot system flash:c6sup22-jk2sv-mz
!
redundancy
main-cpu
auto-sync standard
diagnostic level complete
ip subnet-zero
!
!
no ip domain-lookup
!
ip ssh time-out 120
ip ssh authentication-retries 3
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key Jolly-Good-Fellow address 192.168.100.254
!
!
crypto ipsec transform-set TS-101 esp-3des esp-sha-hmac
!
crypto map MAP-101 10 ipsec-isakmp
set peer 192.168.100.254
set security-association lifetime kilobytes 10000
set security-association lifetime seconds 86000
set transform-set TS-101
match address AEO-101
!
!
no spanning-tree vlan 53
!
!
!
interface GigabitEthernet1/1
ip address 10.80.1.254 255.255.255.0
!
interface GigabitEthernet1/2
switchport
switchport access vlan 54
switchport mode access
no ip address
!
interface GigabitEthernet5/1
switchport
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,53,1002-1005
switchport mode trunk