!
! Century Systems VXR Series ver 21.7.7A (build 16/17:23 18 02 2021)
!
hostname VXR
no telnet-server enable
ssh-server enable
no rest http enable
no rest https enable
!
!
!
!
!
ipv6 forwarding
fast-forwarding enable
!
!
!
!
!
ipsec nat-traversal enable
!
l2tp udp source-port 40001
!
!
ipsec local policy 1
 address ip
 self-identity fqdn vxr
!
!
ipsec isakmp policy 1
 description NXR
 authentication pre-share ipseckey
 keepalive 30 3 periodic clear
 hash sha256
 encryption aes128
 group 5
 lifetime 86400
 isakmp-mode aggressive
 remote address ip any
 remote identity fqdn nxr
 local policy 1
!
!
ipsec tunnel policy 1
 description NXR
 negotiation-mode responder
 set transform esp-aes128 esp-sha256-hmac
 set pfs group5
 set key-exchange isakmp 1
 set sa lifetime 28800
 match address ipsec_acl
!
!
interface tunnel 1
 no ip address
 ip tcp adjust-mss auto
 tunnel mode ipsec ipv4
 tunnel protection ipsec policy 1
!
interface ethernet 0
 ip address dhcp
 ip masquerade
 ipsec policy 1
!
interface ethernet 1
 ip address 10.0.1.254/24
!
dns
 service enable
!
!
syslog
 local enable
 exit-syslog
!
!
!
!
!
!
!
!
!
ip route 192.168.10.0/24 tunnel 1
ip route 192.168.10.0/24 null 254
!
!
!
ipsec access-list ipsec_acl ip any any
!
!
end