.html.resources/146B75B7-A25E-433F-B4B2-D08D51EBB2AC.png)
R1:
interface FastEthernet0/0
ip address 1.1.1.1 255.255.255.0
ip route 10.2.2.2 255.255.255.255 1.1.1.10
R2:
interface FastEthernet0/0
ip address 2.2.2.2 255.255.255.0
interface Loopback0
ip address 10.2.2.2 255.255.255.255
ip route 1.1.1.0 255.255.255.0 2.2.2.10
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 3600
crypto isakmp key cisco address 2.2.2.10
access-list 111 permit ip host 10.2.2.2 host 1.1.1.1
crypto ipsec transform-set TSET esp-des esp-sha-hmac
crypto map CRYMAP 1 ipsec-isakmp
set peer 2.2.2.10
set transform-set TSET
match address 111
interface FastEthernet0/0
crypto map CRYMAP
ASA1:
interface Ethernet0/0
nameif outside
security-level 0
ip address 2.2.2.10 255.255.255.0
interface Ethernet0/1
nameif inside
security-level 100
ip address 1.1.1.10 255.255.255.0
route outside 10.2.2.2 255.255.255.255 2.2.2.2
crypto isakmp policy 5
authentication pre-share
encryption 3des
hash md5
group 2
lifetime 3600
tunnel-group 2.2.2.2 type ipsec-l2l
tunnel-group 2.2.2.2 ipsec-attributes
pre-shared-key cisco
access-list 101 extended permit ip host 1.1.1.1 host 10.2.2.2
crypto ipsec transform-set TSET esp-des esp-sha-hmac
crypto map CMAP 5 match address 101
crypto map CMAP 5 set peer 2.2.2.2
crypto map CMAP 5 set transform-set TSET
crypto map CMAP interface outside