R1:北京
acl 3001
[r1-acl-adv-3001]rule permit ip source 10.10.0.0 0.0.255.255 destination 10.13.0
.0 0.0.255.255
[r1-acl-adv-3001]q
[r1]ipsec proposal IPSEC 使用proposal 起名为IPSEC
[r1-ipsec-proposal-IPSEC]esp authentication-algorithm sha2-256
[r1-ipsec-proposal-IPSEC]esp encryption-algorithm aes-192
[r1]ipsec policy IPSEC 10 manual
[r1-ipsec-policy-manual-IPSEC-10]security acl 3001
[r1-ipsec-policy-manual-IPSEC-10]proposal IPSEC
[r1-ipsec-policy-manual-IPSEC-10]tunnel local 200.1.1.2
[r1-ipsec-policy-manual-IPSEC-10]tunnel remote 222.3.3.3
[r1-ipsec-policy-manual-IPSEC-10]sa spi outbound esp 123456
[r1-ipsec-policy-manual-IPSEC-10]sa spi inbound esp 654321
[r1-ipsec-policy-manual-IPSEC-10]sa string-key outbound esp cipher AAAAAA
[r1-ipsec-policy-manual-IPSEC-10]sa string-key inbound esp cipher BBBBBB
[r1-GigabitEthernet0/0/1]ipsec policy IPSEC
R4: 上海
acl 3001
[r4-acl-adv-3001]rule permit ip source 10.13.0.0 0.0.255.255 destination 10.10.0
.0 0.0.255.255
[r4-acl-adv-3001]q
[r4]ipsec proposal IPSEC 使用proposal 起名为IPSEC
[r4-ipsec-proposal-IPSEC]esp authentication-algorithm sha2-256
[r4-ipsec-proposal-IPSEC]esp encryption-algorithm aes-192
[r4]ipsec policy IPSEC 10 manual
[r4-ipsec-policy-manual-IPSEC-10]security acl 3001
[r4-ipsec-policy-manual-IPSEC-10]proposal IPSEC
[r4-ipsec-policy-manual-IPSEC-10]tunnel local 222.3.3.3
[r4-ipsec-policy-manual-IPSEC-10]tunnel remote 200.1.1.2
[r4-ipsec-policy-manual-IPSEC-10]sa spi outbound esp 654321
[r4-ipsec-policy-manual-IPSEC-10]sa spi inbound esp 123456
[r4-ipsec-policy-manual-IPSEC-10]sa string-key outbound esp cipher BBBBBB
[r4-ipsec-policy-manual-IPSEC-10]sa string-key inbound esp cipher AAAAAA
[r4-ipsec-policy-manual-IPSEC-10]q
[r4]interface g0/0/0
[r4-GigabitEthernet0/0/0]ipsec policy IPSEC
