enable configure terminal hostname R5-BARAHONA no ip domain-lookup ip domain-name empresa2.com.do service password-encryption enable secret cisco123
username admin privilege 15 secret Admin123
crypto key generate rsa modulus 1024 ip ssh version 2
line console 0 logging synchronous password cisco login exit
line vty 0 4 transport input ssh login local exit
R5-SWA1 = switch superior R5-SWA2 = switch inferior
! ! WAN ! interface e0/0 description ENLACE-WAN-PENDIENTE ip addr dhcp ip nat outside no shutdown
! ! TRUNK HACIA SWITCH SUPERIOR ! interface e0/1 no shutdown description TRUNK-HACIA-R5-SWA1
interface e0/1.10 encapsulation dot1Q 10 description VLAN10-DEPTO1 ip address 172.24.0.1 255.255.255.248 ip nat inside
interface e0/1.20 encapsulation dot1Q 20 description VLAN20-DEPTO2 ip address 172.24.0.9 255.255.255.248 ip nat inside
interface e0/1.30 encapsulation dot1Q 30 description VLAN30-DEPTO3 ip address 172.24.0.17 255.255.255.248 ip nat inside
interface e0/1.99 encapsulation dot1Q 99 description VLAN99-GESTION ip address 172.24.0.25 255.255.255.248 ip nat inside
access-list 1 permit 172.24.0.0 0.1.255.255 ip nat inside source list 1 interface Ethernet0/0 overload
! 1. Fase 1: ISAKMP (IKEv1) crypto isakmp policy 10 encr aes authentication pre-share group 2 exit
crypto isakmp key itla2026 address 17.6.0.2
! 2. Fase 2: IPsec Transform-set y Profile crypto ipsec transform-set ESP-AES-SHA esp-aes esp-sha-hmac mode transport exit
crypto ipsec profile VPN-PROFILE set transform-set ESP-AES-SHA exit
! 3. Interfaz Física - Asegurando el Full Duplex interface e0/0 duplex full exit
! 4. Interfaz Túnel - Punta Cana interface Tunnel0 ip address 10.0.0.5 255.255.255.0