VRF-AWARE-----------------GETVPN配置
GM--GC的pre-shared-key cisco
REKEY-------RSA:cciekey
eigrp authentication:ccie
STEP1:VRF配置
GM端:
ip vrf xx
rd xx:xx
2.int lo xx
ip vrf forward xx
ip add xx
3.int gi xx
encapsulation dot1q xxx
ip vrf forward xx
ip add xxxx
ip authentication mode eigrp xx md5
ip authentication key-chain eigrp xx ccie
4.router eigrp xx
address-family ipv4 vrf xxx
network xxx
STEP2:GETVPN 配置
GC端
crypto key generate rsa label cciekey modules 1024
crypto isakmp policy 10
authen pre-share
group 2
encapsu 3descrypto isakmp key 0 cisco address 0.0.0.0
crypto ipsec transform-set TS esp-aes esp-sha-hmac
crypto ipsec profile IPSEC-P
set transfor-set TS
crypto gdo group xx
identity number xx
server local
address ipv4 xxxx
rekey al aes 128
rekey authen mypubkey rsa cciekey
rekey transport unicast
GM端
crypto keyring xx vrf xx
pre-shared-key address xxx key xxx
crypto isakmp policy 10
authen pre
group 2
encapsu 3descrypto gdoi group xxx
identity number xx
server address ipv4 xx
client registration int e0/2.20crypto map xx 1 gdoi
set group xxint exxx
crypto map xxx
VRF-AWARE-----------------GETVPN配置