定义接口：i
terfaceEther
et0
ameifoutsidesecuritylevel0ipaddress2182471162255255255224i
terfaceEther
et1
ameifi
sidesecuritylevel100ipaddress10101012552552550定义ACL：accesslist
o
atexte
dedpermitip1010100255255255019216820002552552550accesslist
o
atexte
dedpermitip192168002552550019216820002552552550accesslistto_vp
exte
dedpermitip192168002552550019216820002552552550accesslistto_vp
exte
dedpermitip192
f168200025525525501921680025525500accesslistto_vp
exte
dedpermitip1010100255255255019216820002552552550accesslistto_vp
exte
dedpermitip1921682000255255255010101002552552550accesslistaaaexte
dedpermiticmpa
ya
yaccesslistaaaexte
dedpermitip19216820002552552550a
y定义VPN地址池：iplocalpool11921682001192168200254mask2552552550定义NAT转换：globaloutside12182471163
ati
side0accesslist
o
at
ati
side110101002552552550
ati
side11921680025525500将accesslistaaa应用到outside接口上：
faccessgroupaaai
i
terfaceoutside写路由：routeoutside0000000021824711611routei
side192168002552550010101021定义group组策略：grouppolicydymtvp
i
ter
algrouppolicydymtvp
attributesvp
idletimeout900splittu
elpolicytu
elspecifiedsplittu
el
etworklistvalueto_vp
定义VPN用户名、密码：user
ametestuserpasswordhr0jyWze24KV0pD1e
crypteduser
amelvdo
gpasswordaeLSov33qP3xCMe
crypted定义ipsec策略：cryptoipsectra
sformsetdymtvp
esp3desespmd5hmac定义动态映射：cryptody
amicmapdymtvp
10settra
sfo
frmsetdymtvp
将动态映射绑定到静态映射：cryptomapdymtvp
20ipsecisakmpdy
amicdymtvp
将静态映射应用到接口上：cryptomapdymtvp
i
terfaceoutside定义IKE：cryptoisakmpide
tityaddresscryptoisakmpe
ableoutsidecryptoisakmppolicy10authe
ticatio
presharee
cryptio
3deshashmd5group2lifetime86400定义隧道组：tu
elgroupdymtvp
typeipsecratu
elgroupdymtvp
ge
eralattributesaddresspool1authe
ticatio
servergroupoutsideLOCALdefaultgrouppolicydymtvp

ftu
elgroupdymtvp
ipsecattributespresharedkey
fr