Текст cisco-like конфигурации GW2

!

version 12.4

no service password-encryption

!

crypto ipsec df-bit copy

crypto isakmp identity dn

username cscons privilege 15 password 0 csp

aaa new-model

!

!

hostname GW2

enable password csp

!

!

!

logging trap debugging

!

!

crypto isakmp policy 1

 encr gost

 hash gost

 authentication gost-sig

 group vko

!

crypto ipsec transform-set TSET esp-gost28147-4m-imit

!

ip access-list extended LIST

 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

!

!

crypto map CMAP 1 ipsec-isakmp

 match address LIST

 set transform-set TSET

 set pfs vko

 set peer 10.0.0.2

!

interface GigabitEthernet0/0

 ip address 192.168.101.2 255.255.255.0

 crypto map CMAP

!

interface GigabitEthernet0/2

 ip address 192.168.2.1 255.255.255.0

!

!

ip route 0.0.0.0 0.0.0.0 192.168.101.1

!

crypto pki trustpoint s-terra_technological_trustpoint

 revocation-check none

crypto pki certificate chain s-terra_technological_trustpoint

certificate 4E4B0B11EFDB389E4E86244CDAA1B275

30820216308201C5A00302010202104E4B0B11EFDB389E4E86244CDAA1B27530

009B097DD81A81CFC792664AAC9E6908587195AE17A5D526DE196CB0D5B7E713

E9D07F4DC61F04CDBC87579FC44CE66D524CF742F2784805733F

 

quit

!

end