router vpn tunnel
interface Tunnel[[tunnel_id]] ip vrf forwarding [[vrf_name]] ip address [[tunnel_local_ip]] [[tunnel_local_mask]] load-interval 30 tunnel source [[tunnel_source_ip]] tunnel mode ipsec ipv4 tunnel destination [[tunnel_destination_ip]] tunnel vrf [[vrf_name]] tunnel protection ipsec profile [[ipsec_profile]] ! crypto ipsec profile [[ipsec_profile]] set transform-set [[transform_set]] set ikev2-profile [[ike_v2_profile]] crypto ipsec transform-set vti02-transform-set esp-aes 256 esp-sha-hmac crypto ikev2 profile [[ike_v2_profile]] match fvrf ibm-gromero match address local 10.72.59.33 match identity remote address 40.70.190.52 255.255.255.255 authentication remote pre-share key [[pre_shared_key]] authentication local pre-share key [[pre_shared_key]] ! router ospf 2 vrf ibm-gromero router-id 1.1.1.5 capability [[vrf_name]] redistribute connected subnets route-map [[route_map_connecter]] redistribute static subnets route-map [[route_map_static]] network 10.169.169.5 0.0.0.0 area 0 route-map [[route_map_connecter]] permit 10 match ip address prefix-list [[connected_prefix_list]] set metric 10 ip prefix-list [[connected_prefix_list]] seq 5 permit 10.90.73.0/24 route-map [[route_map_static]] permit 10 match ip address prefix-list [[static_prefix_list]] set metric 10 ip prefix-list [[static_prefix_list]] seq 5 deny 10.90.71.0/24 ip prefix-list [[static_prefix_list]] seq 6 deny 10.90.72.0/24 ip prefix-list [[static_prefix_list]] seq 7 deny 10.90.74.0/24 ip prefix-list [[static_prefix_list]] seq 8 deny 10.90.75.0/24 ip prefix-list [[static_prefix_list]] seq 9 deny 10.73.117.0/26 ip prefix-list [[static_prefix_list]] seq 10 deny 10.72.2.61/32 ip prefix-list [[static_prefix_list]] seq 11 deny 10.72.2.62/32 ip prefix-list [[static_prefix_list]] seq 12 deny 10.72.2.63/32 ip prefix-list [[static_prefix_list]] seq 5000 permit 0.0.0.0/0 le 32 ip route vrf [[vrf_name]] 10.88.1.6 255.255.255.255 Tunnel[[tunnel_id]]



tunnel_id:
vrf_name:
tunnel_local_ip:
tunnel_local_mask:
tunnel_source_ip:
tunnel_destination_ip:
ipsec_profile:
transform_set:
ike_v2_profile:
pre_shared_key:
route_map_connecter:
route_map_static:
connected_prefix_list:
static_prefix_list:


Use this code to post the full script to your own page:



Use this code to post only the variables to your own page: