資源描述:
《Cisco SSL VPN 配置實(shí)例》由會員上傳分享�,免費(fèi)在線閱讀,更多相關(guān)內(nèi)容在行業(yè)資料-天天文庫���。
1�、CiscoSSLVPN配置實(shí)例注意:這里的配置是SSLVPN的隧道模式???一��、網(wǎng)絡(luò)拓?fù)鋱D??????二��、SSLVPNServer配置???軟件版本:???CiscoIOSSoftware,7200Software(C7200-ADVSECURITYK9-M),Version12.4(9)T1,RELEASESOFTWARE(fc2)???VPN客戶端軟件:sslclient-win-1.1.2.169.pkg???1����、格式化disk0???R1#formatdisk0:???Formatoperationmaytakeawhile.Continue?[confirm]??
2、?Formatoperationwilldestroyalldatain"disk0:".???Continue?[confirm]???Format:Drivecommunication&1stSectorWriteOK...???WritingMonlibsectors.???..............................................................................................................................................???Monl
3�、ibwritecomplete???Format:Allsystemsectorswritten.OK...???Format:Totalsectorsinformattedpartition:8009???Format:Totalbytesinformattedpartition:4100608???Format:Operationcompletedsuccessfully.???Formatofdisk0complete???2�����、上傳軟件???R1#copytftpdisk0:???Addressornameofremotehost[]?192.168.10.100??
4�、?Sourcefilename[]?sslclient-win-1.1.2.169.pkg???Destinationfilename[sslclient-win-1.1.2.169.pkg]????Accessingtftp://192.168.10.100/sslclient-win-1.1.2.169.pkg...???Loadingsslclient-win-1.1.2.169.pkgfrom192.168.10.100(viaFastEthernet0/0):!!???[OK-415090bytes]???415090bytescopiedin12.892secs
5�����、(32197bytes/sec)???3���、安裝client軟件???R1(config)#webvpninstallsvcdisk0:/sslclient-win-1.1.2.169.pkg???SSLVPNPackageSSL-VPN-Client:installedsuccessfully???4��、配置SSLVPN???R1(config)#aaanew-model???R1(config)#aaaauthenticationlogindefaultlocal??//為防止控制臺超時(shí)而造成無法進(jìn)入Exec???R1(config))#aaaauthenticationl
6����、oginwebvpnlocal???R1(config)#iplocalpoolssl-add11.1.1.1011.1.1.20???R1(config)#usernameuser1password123??//定義WebVPN本地認(rèn)證用戶名,密碼???R1(config))#webvpngatewayvpngateway//定義WebVPN在哪個(gè)接口上進(jìn)行監(jiān)聽��,此時(shí)IOS會自動產(chǎn)生自簽名證書��。???R1(config-webvpn-gateway)#ipaddress192.168.10.10port443???R1(config-webvpn-gateway)#ins
7�����、ervice?//啟用webvpngateway配置???R1(config)#webvpncontextwebcontext??//定義webvpn的相關(guān)配置�,相當(dāng)于ASA的tunnel-group��,在這里可以定義???R1(config-webvpn-context)#gatewayvpngateway//將context和gateway相關(guān)聯(lián)???R1(config-webvpn-context)#aaaauthenticationlistwebvpn???R1(config-webvpn-context)#
