================

R1-SANTO DOMINGO

enable configure terminal

hostname R1-SANTO-DOMINGO no ip domain-lookup

enable secret cisco123

ip domain-name empresa.local

username admin privilege 15 secret admin123

crypto key generate rsa !2048

line vty 0 4 login local transport input ssh exit

interface e0/0 no ip address no shutdown

interface e0/0 ip address 172.16.0.1 255.255.255.252 ip nat inside no shutdown

interface e0/1 ip address 172.16.0.5 255.255.255.252 ip nat inside no shutdown

interface e0/2 ip address 17.6.0.2 255.255.255.0 ip nat outside no shutdown

interface e0/3 ip address 172.16.50.1 255.255.255.0 ip nat inside no shutdown

!##VPN##

crypto isakmp policy 10 encr aes authentication pre-share group 2 exit crypto isakmp key itla2026 address 0.0.0.0 crypto ipsec transform-set ESP-AES-SHA esp-aes esp-sha-hmac mode transport exit crypto ipsec profile VPN-PROFILE set transform-set ESP-AES-SHA exit interface Tunnel0 ip address 10.0.0.1 255.255.255.0 no ip redirects ip nhrp authentication itla ip nhrp network-id 2 ip nhrp map multicast dynamic tunnel source e0/2 tunnel mode gre multipoint tunnel key 2000 tunnel protection ipsec profile VPN-PROFILE ip mtu 1400 ip tcp adjust-mss 1360 exit

router ospf 1 router-id 1.1.1.1 network 172.16.0.0 0.0.0.3 area 1 network 172.16.0.4 0.0.0.3 area 1 network 172.16.50.0 0.0.0.255 area 1 network 10.0.0.0 0.0.0.255 area 0 default-information originate exit

interface Tunnel0 ip ospf network broadcast ! Prioridad 255 para ser DR ip ospf priority 255 exit

service password-encryption

line console 0 password cisco login

ip route 0.0.0.0 0.0.0.0 e0/2 ip route 17.6.0.252 255.255.255.252 17.6.0.1

access-list 1 permit 172.16.0.0 0.1.255.255 ip nat inside source list 1 interface Ethernet0/2 overload

end write memory

=====

R-SW1