Hi everybody,
finally we left Cisco and now I’m installing MikroTik router.
Anybody expert with Cisco configuration?
I need help to convert Cisco configuration (2 VPN tunnels in GRE mode) in RouterOS.
Could anyone more expert than me (so everyone) help me to do this?
Thanks.
SSAT_TEST#sh run
Building configuration...
Current configuration : 5045 bytes
!
! Last configuration change at 13:12:15 UTC Fri Dec 13 2013 by kbcadmin
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname SSAT_TEST
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
!
!
!
aaa session-id common
!
ip cef
!
!
!
ip vrf INET
rd 2:2
!
!
!
!
no ip domain lookup
ip domain name zag.lcl
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
redundancy
!
!
!
!
!
ip ssh version 2
!
crypto keyring keyring_ssat vrf INET
pre-shared-key address 0.0.0.0 0.0.0.0 key SSAToctrti2ERtrz83!SDGse575
!
crypto isakmp policy 10
encr aes 192
authentication pre-share
crypto isakmp profile isakmp_ssat
vrf INET
keyring keyring_ssat
match identity address 0.0.0.0 INET
!
!
crypto ipsec transform-set ts_ssat esp-aes 192 esp-sha256-hmac
mode tunnel
!
!
crypto ipsec profile ipsec_ssat
set transform-set ts_ssat
set isakmp-profile isakmp_ssat
!
!
!
!
!
!
!
interface Tunnel1000
description VPN Ufficio Internet
bandwidth 1500
ip address 10.255.0.2 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source GigabitEthernet0/1
tunnel destination 1.1.1.1
tunnel vrf INET
tunnel protection ipsec profile ipsec_ssat
!
interface Tunnel1001
description VPN Ufficio SAT
ip address 10.255.1.2 255.255.255.0
ip mtu 1400
ip tcp adjust-mss 1360
tunnel source GigabitEthernet0/2
tunnel destination 89.71.224.203
tunnel vrf INET
tunnel protection ipsec profile ipsec_ssat
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description $LOCAL LAN INTERFACE$
ip address <TO BE DEFINED>
duplex auto
speed auto
!
interface GigabitEthernet0/1
description ZAMG_EXTRANET (VLAN 180)
ip vrf forwarding INET
ip address 1.1.1.2 255.255.255.252
duplex auto
speed auto
!
interface GigabitEthernet0/2
description SOSAT-74-ost
ip vrf forwarding INET
ip address 89.71.239.48 255.255.192.0
duplex auto
speed auto
!
!
router eigrp 1000
network 10.255.0.2 0.0.0.0
network 10.255.1.2 0.0.0.0
network 192.168.2.254 0.0.0.0
passive-interface default
no passive-interface Tunnel1000
no passive-interface Tunnel1001
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip route vrf INET 0.0.0.0 0.0.0.0 89.71.192.1
ip route vrf INET 89.71.224.203 255.255.255.255 89.71.192.1
!
!
!
!
!
control-plane host
management-interface Tunnel1000 allow ssh
management-interface Tunnel1001 allow ssh
management-interface GigabitEthernet0/0 allow ssh
!
!
control-plane
!
!
banner login ^C
^C
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input ssh
transport output ssh
stopbits 1
line vty 0 4
privilege level 15
transport input ssh
transport output ssh
line vty 5 15
privilege level 15
transport input ssh
transport output ssh
line vty 16 1114
transport input ssh
transport output ssh
!
scheduler allocate 20000 1000
!
end
SSAT_TEST#