|
|
Re: [cisco-ttl] Re: ASA Remote Access
From: Ekrem CELIKEL <ekremcelikel_at_....>
Date: Mon Apr 10 2006 - 14:49:22 EEST
Config ve verdiği hata aşağıdadır. İlginize teşekkürler access-list inside_nat0_outbound line 1 extended permit ip 192.168.20.0 255.255.255.0 192.168.50.0 255.255.255.0
nat (inside) 0 access-list inside_nat0_outbound
access-list EKREM_splitTunnelAcl standard permit 192.168.20.0 255.255.255.0
ip local pool pool1 192.168.50.1-192.168.50.254 mask 255.255.255.0
group-policy EKREM internal
group-policy EKREM attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value EKREM_splitTunnelAcl
dns-server value 192.168.20.2
tunnel-group EKREM type ipsec-ra
tunnel-group EKREM general-attributes
default-group-policy EKREM
address-pool pool1
tunnel-group EKREM ipsec-attributes
pre-shared-key *********
isakmp policy 10 authen pre-share
isakmp policy 10 encrypt 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
access-list g.shdsl_cryptomap_dyn_20 extended permit ip 192.168.20.0 255.255.255.0 192.168.50.0 255.255.255.0
crypto dynamic-map g.shdsl_dyn_map 20 match address g.shdsl_cryptomap_dyn_20
crypto dynamic-map g.shdsl_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map g.shdsl_dyn_map 20 set security-association lifetime seconds 28800 kilobytes 4608000
crypto map g.shdsl_map 65535 ipsec-isakmp dynamic g.shdsl_dyn_map
crypto map g.shdsl_map interface g.shdsl
sysopt connection permit-ipsec
Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 192.168.50.2/255.255.255.255/0/0 local proxy 0.0.0.0/0.0.0.0/0/0 on interface g.shdsl
"serkan.ustundag" <sustundag@secura.com.tr> wrote:
Ekrem selam
group-policy mygroup attributes split-tunnel-policy tunnelspecified split-tunnel-network-list value mysplitTunnelAcl access-list mysplitTunnelAcl standard permit 192.168.1.0 255.255.255.0 Ben bu sekilde baglanabiliyorum.Sen var olan konfigurasyonu gonderirsen yardimci oluruz. Kolay gelsin Serkan Ustundag Secura Guvenlik Teknolojileri
--
Cisco Teknik Tartisma Listesi (Cisco-ttl)
Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar.
---------------------------------
YAHOO! GROUPS LINKS
Visit your group "cisco-ttl" on the web.
To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe@yahoogroups.com
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.
---------------------------------
---------------------------------
Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
[Non-text portions of this message have been removed]
--
Cisco Teknik Tartisma Listesi (Cisco-ttl)
Bu listede onerilen degisikliklerin uygulanmasindaki tum sorumluluk
kullaniciya aittir. Liste yoneticileri, oneride bulunan liste uyeleri ya da
bu uyelerin calistigi kuruluslar herhangi bir sekilde sorumlu tutulamazlar.
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/cisco-ttl/
<*> To unsubscribe from this group, send an email to:
cisco-ttl-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/
Received on Mon Apr 10 14:51:44 2006
This archive was generated by hypermail 2.1.8 : Mon Apr 10 2006 - 14:51:44 EEST |