crypto ipsec transform-set L2L esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto map l2l 1 match address LAN_Traffic
crypto map l2l 1 set peer REMOTE_IP_FIRST _PEER REMOTE_IP_SEC_PEER
crypto map l2l 1 set transform-set L2L
crypto map l2l interface outside <--Points to first ISP
crypto map l2l interface outside2 <--Point to second ISP
crypto isakmp enable outside <--Apply to first ISP
crypto isakmp enable outside2 <--Apply to second ISP
crypto isakmp policy 1
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
!
!
tunnel-group REMOTE_IP_FIRST _PEER type ipsec-l2l
tunnel-group REMOTE_IP_FIRST _PEER ipsec-attributes
pre-shared-key mapskey
tunnel-group REMOTE_IP_SEC_PEER type ipsec-l2l
tunnel-group REMOTE_IP_SEC_PEER ipsec-attributes
pre-shared-key KEY
No comments:
Post a Comment