Cisco 7200 配置SSL ***
(ITCHENYI)R1(config)#do sh running-configBuilding configuration...
Current configuration : 3081 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname (ITCHENYI)R1
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login WEB*** local
!
!
aaa session-id common
ip cef
!
!
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-4294967295
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-4294967295
revocation-check none
rsakeypair TP-self-signed-4294967295
!
!
crypto pki certificate chain TP-self-signed-4294967295
certificate self-signed 01
30820244 308201AD A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 34323934 39363732 3935301E 170D3133 30323035 31363133
33325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32393439
36373239 3530819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100BB9A 57431585 6D67AD94 FA6358DE 4606BC8F B7C67AB2 340703CF DA2F49E7
F54EDD5C CCC0EC0F 51493327 60C729E6 E17B273A E3925F83 764206BD 4B9AB34D
FC6BA0FF 5BD230A9 E3360762 825CBB45 20B3D5A1 F8BD0EB9 BCC0BBCD D0DE12D3
6250153F F329BFE2 1B08A503 92AF03AE EDD0E053 29167A6B 8B317A66 A8DEC310
1A010203 010001A3 6C306A30 0F060355 1D130101 FF040530 030101FF 30170603
551D1104 10300E82 0C284954 4348454E 59492952 31301F06 03551D23 04183016
8014CB86 7372F704 9AC3C428 9A1AAB40 68E4C215 D350301D 0603551D 0E041604
14CB8673 72F7049A C3C4289A 1AAB4068 E4C215D3 50300D06 092A8648 86F70D01
01040500 03818100 88363A3C EB6C6E32 FFE99E22 3F34FCB5 99699649 A5075A8D
ABE0BABE 6562B9E4 ACFE180D A6108344 7003F056 26366C81 B616EA6B DB388E54
56DF4E84 F99E03F9 F527774F 88AB9998 A11DE569 80383DD3 62919DED 29757760
BB3129F4 BC6E54D2 40393BB3 28570654 C0A46360 B6F6373B 032AF538 D9A9CC4C
45FD6879 1F35E6CA
quit
username itchenyi password 0 123
!
!
!
!
!
!
!
interface Loopback0
ip address 11.1.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 202.103.24.68 255.255.255.0
duplex half
!
interface FastEthernet1/0
ip address 192.168.1.1 255.255.255.0
duplex half
!
ip local pool ssl-add 11.1.1.10 11.1.1.20
ip route 192.168.2.0 255.255.255.0 202.103.24.69
no ip http server
no ip http secure-server
!
!
!
logging alarm informational
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
!
!
web*** gateway ***gateway
ip address 192.168.1.1 port 443
ssl trustpoint TP-self-signed-4294967295
inservice
!
web*** install svc disk0:/web***/svc.pkg
!
web*** context webcontext
ssl authenticate verify all
!
!
policy group ssl***-policy
functions svc-enabled
svc address-pool "ssl-add"
svc split include 192.168.10.0 255.255.255.0
default-group-policy ssl***-policy
gateway ***gateway
inservice
!
!
end
页:
[1]