Cisco IOS XE IKEv2 IPSec config and base build - Needed by 13/1/2020
- or -
Post a project like this1554
£150(approx. $188)
- Posted:
- Proposals: 3
- Remote
- #2673508
- OPPORTUNITY
- PRE-FUNDED
- Awarded
Description
Experience Level: Expert
I need a Cisco configuration written for a 1100 router (so running IOS XE 16.8) over the weekend. It should be relatively simple.
1108 router - to be built as 1 port allocated to be a mgmt interface (Mgmt vlan 999), one to be a WAN port to Internet, 2 ports to workstations (vlan 100) and 4 ports to terminals and phones (vlan 200). It has the security pack on it so IPSec etc is fine.
Device to have unnecessary services turned off like small-servers or http server (https is fine) and telnet removed and ssh configured on the standard vty 0-4 ports with an ACL to only allow access to vty from mgmt vlan ip range.
I'll send the ip addressing I want to use and the config/ports from a reset vanilla config, which should make it easier to the winning bidder.
IPSec tunnel needs to go over the WAN port to an Internet address and only allow the devices in VLAN 100 to traverse it for a specific range of private addresses to reach.
VLAN 200 to go over the WAN port to the Internet and cannot use the IPSec tunnel.
Standard deny all in from the Internet ACL on the WAN port.
VLAN 200 not to be able to talk to VLAN 100 and vice-versa.
Using IKEv2, DH 19, AES-128, SHA256 and PSK for IPSec.
1108 router - to be built as 1 port allocated to be a mgmt interface (Mgmt vlan 999), one to be a WAN port to Internet, 2 ports to workstations (vlan 100) and 4 ports to terminals and phones (vlan 200). It has the security pack on it so IPSec etc is fine.
Device to have unnecessary services turned off like small-servers or http server (https is fine) and telnet removed and ssh configured on the standard vty 0-4 ports with an ACL to only allow access to vty from mgmt vlan ip range.
I'll send the ip addressing I want to use and the config/ports from a reset vanilla config, which should make it easier to the winning bidder.
IPSec tunnel needs to go over the WAN port to an Internet address and only allow the devices in VLAN 100 to traverse it for a specific range of private addresses to reach.
VLAN 200 to go over the WAN port to the Internet and cannot use the IPSec tunnel.
Standard deny all in from the Internet ACL on the WAN port.
VLAN 200 not to be able to talk to VLAN 100 and vice-versa.
Using IKEv2, DH 19, AES-128, SHA256 and PSK for IPSec.
Phil T.
100% (5)Projects Completed
5
Freelancers worked with
4
Projects awarded
56%
Last project
19 Dec 2021
United Kingdom
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
There are no clarification messages.
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies