Gia sas
Exo dio router 876 kai thelo na kano vpn metaksi dio simion, mexri ekei ta katafera.
To provlima einai to eksis den kanoyn ping oi dio routers metaksi tous kai oi efarmoges den paizoun.
Den mporo na katalavo ti simvainei to idio conf to exo valei se arketes alles egkatastaaeis kai douleuei mia xara sas to dino na to deite kai eseis
protos router
Κώδικας:version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname ginis ! boot-start-marker boot-end-marker ! logging buffered 51200 debugging logging console critical enable secret 5 $1$x98y$RSxqsgLka67k5x3.FItpi/ ! no aaa new-model ! resource policy ! clock timezone PCTime 2 clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00 ip subnet-zero no ip source-route ip cef ! ! ip inspect name DEFAULT100 cuseeme ip inspect name DEFAULT100 ftp ip inspect name DEFAULT100 h323 ip inspect name DEFAULT100 icmp ip inspect name DEFAULT100 netshow ip inspect name DEFAULT100 rcmd ip inspect name DEFAULT100 realaudio ip inspect name DEFAULT100 rtsp ip inspect name DEFAULT100 esmtp ip inspect name DEFAULT100 sqlnet ip inspect name DEFAULT100 streamworks ip inspect name DEFAULT100 tftp ip inspect name DEFAULT100 tcp ip inspect name DEFAULT100 udp ip inspect name DEFAULT100 vdolive ip tcp synwait-time 10 no ip bootp server ip domain name ginis.gr ip name-server 10.65.100.1 ip ssh time-out 60 ip ssh authentication-retries 2 ! ! crypto pki trustpoint TP-self-signed-2347753704 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-2347753704 revocation-check none rsakeypair TP-self-signed-2347753704 ! ! crypto pki certificate chain TP-self-signed-2347753704 certificate self-signed 01 30820246 308201AF A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 32333437 37353337 3034301E 170D3032 30333031 30303134 30325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 33343737 35333730 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100A2EF 2BF736DD 50DD15CD 092930E1 161CABB4 5A6BD137 BDDC274C 3224CA42 A39484B8 58504C22 CE914E79 BFABD9FF 05F2398B 3367136E C978BD23 27E69FC0 5B30D3D0 772BDB7B 5583D440 31F6778B 52CCD672 EAA4BF7B 49634F22 8C4CA175 7F223E53 6A0ECA7E 5AA67247 DDB35C77 F8086DA3 DBBB4A0A 5ED84D07 1877061C 909F0203 010001A3 6E306C30 0F060355 1D130101 FF040530 030101FF 30190603 551D1104 12301082 0E67696E 69732E67 696E6973 2E677230 1F060355 1D230418 30168014 4C0FE123 C84524EA A1E2A4CC 3678F6E4 4D1061EF 301D0603 551D0E04 1604144C 0FE123C8 4524EAA1 E2A4CC36 78F6E44D 1061EF30 0D06092A 864886F7 0D010104 05000381 810079DA B47470F5 3746C3FD 25A03FFE 835D19A2 0AE0ADF5 57567F10 BBA97EB5 BCA5F85B E4F944CC 2633CB4D 381E9135 979F6AC1 231C00BC D89D2943 AE3C5979 CB72849F 259070C4 D19693A1 3339668A 19A426AE 8B05D26D 68B3EB37 E2D19A31 09A5B4FA D016D726 D95F9796 E176D503 73CE8874 9762ABEB 706E8547 AA3F77AA 9090 quit username ginis privilege 15 secret 5 $1$L1Ra$pBmzQvKfc0q14jGcTPuEZ0 ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 crypto isakmp key 9g7n4s address 83.171.243.56 ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac crypto ipsec df-bit clear ! crypto map SDM_CMAP_1 1 ipsec-isakmp description Tunnel to83.171.243.56 set peer 83.171.243.56 set transform-set ESP-3DES-SHA2 match address 105 ! ! ! interface BRI0 no ip address no ip redirects no ip unreachables no ip proxy-arp encapsulation hdlc ip route-cache flow shutdown ! interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point description $ES_WAN$$FW_OUTSIDE$ pvc 8/35 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$ ip address 10.65.100.110 255.255.255.0 ip access-group 100 in no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1412 ! interface Dialer0 description $FW_OUTSIDE$ bandwidth 2000 ip address negotiated no ip redirects no ip unreachables no ip proxy-arp ip mtu 1452 ip inspect DEFAULT100 out ip nat outside ip virtual-reassembly encapsulation ppp ip route-cache flow dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname xxxxxx ppp chap password 7 xxxxxxxxxxxx ppp pap sent-username xxxxxxxx password 7 xxxxxxxxxxxxxxx crypto map SDM_CMAP_1 ! ip classless ip route 0.0.0.0 0.0.0.0 Dialer0 ip route 193.92.93.80 255.255.255.248 10.65.100.100 ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload ! logging trap debugging access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 10.0.0.0 0.255.255.255 access-list 1 permit 10.65.100.0 0.0.0.255 access-list 103 remark SDM_ACL Category=2 access-list 103 remark IPSec Rule access-list 103 deny ip 10.65.100.0 0.0.0.255 192.168.0.0 0.0.0.255 access-list 103 permit ip 10.65.100.0 0.0.0.255 any access-list 105 remark SDM_ACL Category=4 access-list 105 remark IPSec Rule access-list 105 permit ip 10.65.100.0 0.0.0.255 192.168.0.0 0.0.0.255 dialer-list 1 protocol ip permit no cdp run route-map SDM_RMAP_1 permit 1 match ip address 103 ! ! control-plane ! banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local no modem enable transport output telnet line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet ssh ! scheduler max-task-time 5000 scheduler allocate 4000 1000 scheduler interval 500 end
deuteros router
Κώδικας:version 12.4 no service pad service tcp-keepalives-in service tcp-keepalives-out service timestamps debug datetime msec localtime show-timezone service timestamps log datetime msec localtime show-timezone service password-encryption service sequence-numbers ! hostname glyfada ! boot-start-marker boot-end-marker ! security authentication failure rate 3 log security passwords min-length 6 logging buffered 51200 debugging logging console critical enable secret 5 $1$rxzQ$kkw29TSiYK6dDFPc7SaeR0 ! no aaa new-model ! resource policy ! clock timezone PCTime 2 clock summer-time PCTime date Mar 30 2003 3:00 Oct 26 2003 4:00 no ip source-route ip cef ! ! ! ! ip tcp synwait-time 10 no ip bootp server no ip domain lookup ip domain name yourdomain.com ip ssh time-out 60 ip ssh authentication-retries 2 ! ! crypto pki trustpoint TP-self-signed-1188488579 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1188488579 revocation-check none rsakeypair TP-self-signed-1188488579 ! ! crypto pki certificate chain TP-self-signed-1188488579 certificate self-signed 01 3082024E 308201B7 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 31313838 34383835 3739301E 170D3032 30333031 30303035 35345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31383834 38383537 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100E256 59D742E8 684C10FB E68F0B09 5E42BD26 E738278B 3F10EDD4 BA7D9D8B 2F1C4530 17903DB8 8D5172C7 D26CDC5D 63DC0712 75B96C1C 4934A7D2 19CC5A36 86797B90 A7D09918 F1000F6A D49FDF13 9A9F88F3 C5EE19BF 23FE6562 3B246173 C42C2806 377ED75B 2301E3F8 B827D0D3 6ED9F7D7 3392CF6A 5F75EBFE 2197F8D9 69DD0203 010001A3 76307430 0F060355 1D130101 FF040530 030101FF 30210603 551D1104 1A301882 16676C79 66616461 2E796F75 72646F6D 61696E2E 636F6D30 1F060355 1D230418 30168014 2BF34ECD 3B674448 E65F1046 A51FC226 3892A7B7 301D0603 551D0E04 1604142B F34ECD3B 674448E6 5F1046A5 1FC22638 92A7B730 0D06092A 864886F7 0D010104 05000381 81000BAC 5F816105 46B8190E 8E3E7074 A6868D39 C5E904BF 656A5635 75936BBA 85E72CA8 C621C6B3 5F2F381F 992631E2 5599F2D7 CE37D5F2 315DB685 4138BD19 E7D1BE4F 2F35A421 71F64483 2AB513E7 2209544A 6910A3BE 7FE1007A 1C5E4CF2 8C9C40FD DB0FEE29 B70A252C 27930546 E39F5BA9 8FD72CF7 83F37FE9 F6295116 80A2 quit username ginis privilege 15 secret 5 $1$fjJw$YtjhnyPT5Y6nuuwI/DbEN. ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 crypto isakmp key 9g7n4s address 83.171.243.137 ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac ! crypto map SDM_CMAP_1 1 ipsec-isakmp description Tunnel to83.171.243.137 set peer 83.171.243.137 set transform-set ESP-3DES-SHA1 match address 102 ! ! ! ! interface ATM0 no ip address no ip redirects no ip unreachables no ip proxy-arp ip route-cache flow no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point description $ES_WAN$$FW_OUTSIDE$ no snmp trap link-status pvc 8/35 pppoe-client dial-pool-number 1 ! ! interface FastEthernet0 ! interface FastEthernet1 ! interface FastEthernet2 ! interface FastEthernet3 ! interface Vlan1 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$ ip address 192.168.0.250 255.255.255.0 no ip redirects no ip unreachables no ip proxy-arp ip nat inside ip virtual-reassembly ip route-cache flow ip tcp adjust-mss 1412 ! interface Dialer0 ip address negotiated no ip redirects no ip unreachables no ip proxy-arp ip mtu 1452 ip nat outside ip virtual-reassembly encapsulation ppp ip route-cache flow dialer pool 1 dialer-group 1 no cdp enable ppp authentication chap pap callin ppp chap hostname xxxxxxxxx ppp chap password 7 xxxxxxxxxx ppp pap sent-username xxxxxxxxxx password 7 xxxxxxxxxxxxx crypto map SDM_CMAP_1 ! ip route 0.0.0.0 0.0.0.0 Dialer0 ip route 10.65.100.0 255.255.255.0 192.168.0.254 ! ! ip http server ip http authentication local ip http secure-server ip http timeout-policy idle 60 life 86400 requests 10000 ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload ! logging trap debugging access-list 1 remark INSIDE_IF=Vlan1 access-list 1 remark SDM_ACL Category=2 access-list 1 permit 192.168.0.0 0.0.0.255 access-list 100 remark SDM_ACL Category=4 access-list 100 remark IPSec Rule access-list 100 permit ip 192.168.0.0 0.0.0.255 10.0.0.0 0.255.255.255 access-list 101 remark SDM_ACL Category=2 access-list 101 remark IPSec Rule access-list 101 deny ip 192.168.0.0 0.0.0.255 10.65.100.0 0.0.0.255 access-list 101 permit ip 192.168.0.0 0.0.0.255 any access-list 102 remark SDM_ACL Category=4 access-list 102 remark IPSec Rule access-list 102 permit ip 192.168.0.0 0.0.0.255 10.65.100.0 0.0.0.255 dialer-list 1 protocol ip permit no cdp run ! ! ! route-map SDM_RMAP_1 permit 1 match ip address 101 ! ! control-plane ! banner login ^CAuthorized access only! Disconnect IMMEDIATELY if you are not an authorized user!^C ! line con 0 login local no modem enable transport output telnet line aux 0 login local transport output telnet line vty 0 4 privilege level 15 login local transport input telnet ssh ! scheduler max-task-time 5000 scheduler allocate 4000 1000 scheduler interval 500 ! webvpn context Default_context ssl authenticate verify all ! no inservice ! end
Εμφάνιση 1-4 από 4
Θέμα: Vpn 876
-
18-05-07, 16:28 Vpn 876 #1
-
19-05-07, 01:16 Re: Vpn 876 #2
α) No greeklish allowed
β) Γιατί έχεις τόσα ίδια transform sets. Φτιάξε λίγο το config σου πιο ανθρώπινο. Αμάν αυτό το sdm
γ) Αν και έχεις 5άρια passwords κρύψε τις πραγματικές IP σου
δ) Το no ip unreach... ξανασκέψου το αν θέλεις RDC
Και τέλος, στο δεύτερο router δώσε
no ip route 10.65.100.0 255.255.255.0 192.168.0.254
μπάς και περάσει κανα πακετάκι από το tunnelΤελευταία επεξεργασία από το μέλος gatoulas : 19-05-07 στις 01:17.
Πείτε όχι στα ναρκωτικά.
Δε φτάνουν για όλους!!!
-
19-05-07, 17:10 Απάντηση: Re: Vpn 876 #3
-
20-05-07, 00:32 Απάντηση: Vpn 876 #4
- Εγγραφή
- 22-09-2003
- Μηνύματα
- 81.767
- Downloads
- 218
- Uploads
- 48
- Άρθρα
- 6
- Τύπος
- VDSL2
- Ταχύτητα
- 204800/20480
- ISP
- Wind
- Router
- Technicolor DGA4130
- SNR / Attn
- 6(dB) / 2.8(dB)
- Path Level
- Interleaved
Greeklish που δεν διορθώθηκαν,μπορείς να ανεβάσεις πάλι την ερώτηση σου στα Ελληνικά.
We'll build a fortress to keep them out and in a world gone silent I'll be your sound and if they try to hurt you I'll tear them down I'm always with you now....
I forgot that I might see, so many Beautiful things
everything that has a beginning has an end
See the mirror in your eyes-see the truth behind your lies-your lies are haunting me See the reason in your eyes-giving answer to the why- your eyes are haunting me
Παρόμοια Θέματα
-
Cisco 876 - Zyxel 661H-D3 VPN
Από AnGeLoss στο φόρουμ Cisco ADSL modems και routersΜηνύματα: 9Τελευταίο Μήνυμα: 06-12-07, 20:35 -
VPN endpoint ή VPN Server
Από mogsub στο φόρουμ NetworkingΜηνύματα: 1Τελευταίο Μήνυμα: 05-11-07, 16:09 -
876 VPN
Από eXpLoDeR στο φόρουμ Cisco ADSL modems και routersΜηνύματα: 7Τελευταίο Μήνυμα: 30-11-06, 10:14 -
How To VPN with cisco 876 k9....
Από sotiris_l στο φόρουμ Cisco ADSL modems και routersΜηνύματα: 7Τελευταίο Μήνυμα: 28-02-06, 18:12
Bookmarks