RouterA(config)# sh conf hostname RouterA timezone +09 00 ip ufs-cache enable ip route 20.20.20.0/24 10.10.10.1 ip route 192.168.1.0/24 Tunnel0.0 ip nat pool pool1 192.168.0.1 192.168.0.254 ip access-list list1 permit ip src 172.16.0.0/24 dest 192.168.1.0/24 ip access-list list2 permit ip src 172.16.0.0/24 dest any ike policy ike-policy peer 20.20.20.20 key himitsukagi default ipsec autokey-map ipsec-policy list1 peer 20.20.20.20 default ipsec local-id ipsec-policy 192.168.0.0/24 ipsec remote-id ipsec-policy 192.168.1.0/24 device GigaEthernet0 device GigaEthernet1 device GigaEthernet2 device BRI0 isdn switch-type hsd128k device USB0 shutdown 0567anonymous@ai126202162244.64.access-internet.ne.jp2017/01/17(火) 07:14:35.27ID:JyVRipg9 interface GigaEthernet0.0 ip address 10.10.10.10/24 no shutdown interface GigaEthernet1.0 no ip address shutdown interface GigaEthernet2.0 ip address 172.16.0.254/24 no shutdown interface BRI0.0 encapsulation ppp no auto-connect no ip address shutdown interface USB-Serial0.0 encapsulation ppp no auto-connect no ip address shutdown interface Loopback0.0 no ip address interface Null0.0 no ip address interface Tunnel0.0 tunnel mode ipsec no ip address ip nat enable ip nat dynamic list list2 pool pool1 ipsec policy tunnel ipsec-policy out no shutdown RouterA(config)# 0568anonymous@ai126202162244.64.access-internet.ne.jp2017/01/17(火) 07:14:55.16ID:JyVRipg9 RouterB(config)# sh conf Using 1538 out of 524288 bytes hostname RouterBtimezone +09 00 logging buffered 131072 logging subsystem all warn logging timestamp datetime ip ufs-cache enable ip route 10.10.10.0/24 20.20.20.1 ip route 192.168.0.0/24 Tunnel0.0 ip dhcp enable ip access-list list1 permit ip src 192.168.1.0/24 dest 192.168.0.0/24 ip access-list web-http-acl permit ip src any dest 192.168.1.254/32 ike policy ike-policy peer 10.10.10.10 key himitsukagi default ipsec autokey-map ipsec-policy list1 peer 10.10.10.10 default ipsec local-id ipsec-policy 192.168.1.0/24 ipsec remote-id ipsec-policy 192.168.0.0/24 http-server ip access-list web-http-acl http-server ip enable 0569anonymous@ai126202162244.64.access-internet.ne.jp2017/01/17(火) 07:15:58.39ID:JyVRipg9 web-console interface lan1 GigaEthernet1.0 ip dhcp profile web-dhcp-gigaethernet1.0 dns-server 192.168.1.254 device GigaEthernet0 device GigaEthernet1 interface GigaEthernet0.0 ip address 20.20.20.20/24 no shutdown interface GigaEthernet1.0 ip address 192.168.1.254/24 ip dhcp binding web-dhcp-gigaethernet1.0 no shutdown interface Loopback0.0 no ip address interface Null0.0 no ip address interface Tunnel0.0 tunnel mode ipsec no ip address ipsec policy tunnel ipsec-policy out no shutdown RouterB(config)#