RE: [cisco-ttl] pix vpn sorunu

From: onur kasap (kasap_onur_at_yahoo.com)
Date: Mon Jan 19 2004 - 06:37:45 GMT

  • Next message: sustundag_at_secura.com.tr: "RE: [cisco-ttl] pix vpn sorunu"

    serkan hocam
    clientler pix e gelene kadar nat a ugruyorlar.
    pool u degistirdim ama olmadi :(

    --- sustundag_at_secura.com.tr wrote:
    > Clientlar PIX`e gelene kadar NAT`a ugruyorlarmi ya
    > da dial-up ile mi geliyorlar
    > Bir de routing problemi falan olabilir diye denemek
    > icin eger bos ip araligi varsa pool`u `192.168.2.0
    > networkunden verirmisin
    >
    >
    >
    > Serkan Ustundag
    >
    > Network and Security Engineer
    > CCNP,CCDP,CCSE
    > CCSP (Cisco Certified Security Professional)
    > Cisco Network Management Specialist
    > sustundag_at_secura.com.tr
    >
    >
    > Secura bir TEPUM grup şirketidir.
    >
    > Gazeteciler Mahallesi Haberler Sokak
    > No:8 34394 Esentepe Istanbul
    > Direkt: +90 212 355 06 40
    > Santral: +90 212 355 06 00
    > Faks: +90 212 275 71 15
    >
    > www.secura.com.tr
    > www.tepum.com.tr
    >
    >
    > -----Original Message-----
    > From: onur kasap [mailto:kasap_onur_at_yahoo.com]
    > Sent: Friday, January 16, 2004 6:53 PM
    > To: cisco-ttl_at_yahoogroups.com
    > Subject: RE: [cisco-ttl] pix vpn sorunu
    >
    > oncelikle tesekkur ederim,
    > access-list zaten dediginiz gibi
    >
    > ikisininde sequence numberlarini 10 yapincada vpn
    > client ile baglanamadim.
    >
    > crypto dynamic-map cisco 10 set transform-set strong
    > crypto map partner-map 10 ipsec-isakmp dynamic cisco
    >
    >
    >
    >
    >
    > --- sustundag_at_secura.com.tr wrote:
    > > Access-listin
    > > access-list 80 permit ip 192.168.2.0 255.255.255.0
    > > 192.168.10.0 255.255.255.0 seklinde olmasi lazim
    > >
    > > crypto dynamic-map cisco 10 set transform-set
    > strong
    > > crypto map partner-map 20 ipsec-isakmp dynamic
    > cisco
    > >
    > > Buradaki sequence numberlari farkli
    > >
    > >
    > > Serkan Ustundag
    > >
    > > Network and Security Engineer
    > > CCNP,CCDP,CCSE
    > > CCSP (Cisco Certified Security Professional)
    > > Cisco Network Management Specialist
    > > sustundag_at_secura.com.tr
    > >
    > >
    > > Secura bir TEPUM grup ºirketidir.
    > >
    > > Gazeteciler Mahallesi Haberler Sokak
    > > No:8 34394 Esentepe Istanbul
    > > Direkt: +90 212 355 06 40
    > > Santral: +90 212 355 06 00
    > > Faks: +90 212 275 71 15
    > >
    > > www.secura.com.tr
    > > www.tepum.com.tr
    > >
    > > -----Original Message-----
    > > From: onur kasap [mailto:kasap_onur_at_yahoo.com]
    > > Sent: Friday, January 16, 2004 5:26 PM
    > > To: cisco-ttl_at_yahoogroups.com
    > > Subject: [cisco-ttl] pix vpn sorunu
    > >
    > > merhaba arkadaslar
    > > merkezimize uzaktan vpn client version 3.5 ile pix
    > > 6.3
    > > uzerinden local network e baglanmaya calisiyorum.
    > > asagidaki konfigurasyonu girdim. pix ile baglanti
    > > saglaniyor fakat icerideki hic bir makineye
    > > ulasamiyorum (192.168.10.0 li network icin route
    > > ekledigim halde).
    > >
    > > aklima hicbir sey gelmiyor
    > > yardimci olabilirseniz cok sevinirim.
    > > tesekkurler
    > >
    > > isakmp enable outside
    > > isakmp policy 10 encryption 3des
    > > isakmp policy 10 hash md5
    > > isakmp policy 10 authentication pre-share
    > > isakmp policy 10 group 2
    > > isakmp key ***** address 0.0.0.0 netmask 0.0.0.0
    > >
    > > access-list 80 permit ip 192.168.2.0 255.255.255.0
    > > 192.168.10.0 255.255.255.0
    > > nat(inside) 0 access-list 80
    > >
    > > crypto ipsec transform-set strong esp-3des
    > > esp-sha-hmac
    > > crypto dynamic-map cisco 10 set transform-set
    > strong
    > > crypto map partner-map 20 ipsec-isakmp dynamic
    > cisco
    > > crypto map partner-map interface outside
    > >
    > > ip local pool havuz 192.168.10.100-192.168.10.254
    > > isakmp client configuration address-pool local
    > > dealer
    > > outside
    > >
    > > vpngroup bagcilarbld address-pool havuz
    > > vpngroup bagcilarbld split-tunnel 80
    > > vpngroup bagcilarbld idle-time 1800
    > > vpngroup bagcilarbld password ******
    > > sysopt connection permit-ipsec
    > >
    > > __________________________________
    > > Do you Yahoo!?
    > > Yahoo! Hotjobs: Enter the "Signing Bonus"
    > > Sweepstakes
    > > http://hotjobs.sweepstakes.yahoo.com/signingbonus
    > >
    > > Bu listenin Cisco Systems ile dogrudan herhangi
    > bir
    > > baglantisi bulunmamaktadir.
    > >
    > > Listeden cikmak için
    > > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > > e-posta gönderebilirsiniz.
    > >
    > >
    > > Yahoo! Groups Links
    > >
    > > To visit your group on the web, go to:
    > > http://groups.yahoo.com/group/cisco-ttl/
    > >
    > > To unsubscribe from this group, send an email to:
    > > cisco-ttl-unsubscribe_at_yahoogroups.com
    > >
    > > Your use of Yahoo! Groups is subject to:
    > > http://docs.yahoo.com/info/terms/
    > >
    > >
    > >
    > >
    > > Bu listenin Cisco Systems ile dogrudan herhangi
    > bir
    > > baglantisi bulunmamaktadir.
    > >
    > > Listeden cikmak için
    > > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > > e-posta gönderebilirsiniz.
    > >
    > > Yahoo! Groups Links
    > >
    > > To visit your group on the web, go to:
    > > http://groups.yahoo.com/group/cisco-ttl/
    > >
    > > To unsubscribe from this group, send an email to:
    > > cisco-ttl-unsubscribe_at_yahoogroups.com
    > >
    > > Your use of Yahoo! Groups is subject to:
    > > http://docs.yahoo.com/info/terms/
    > >
    > >
    >
    >
    > __________________________________
    > Do you Yahoo!?
    > Yahoo! Hotjobs: Enter the "Signing Bonus"
    > Sweepstakes
    > http://hotjobs.sweepstakes.yahoo.com/signingbonus
    >
    > Bu listenin Cisco Systems ile dogrudan herhangi bir
    > baglantisi bulunmamaktadir.
    >
    > Listeden cikmak için
    > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > e-posta gönderebilirsiniz.
    >
    > Yahoo! Groups Links
    >
    > To visit your group on the web, go to:
    > http://groups.yahoo.com/group/cisco-ttl/
    >
    > To unsubscribe from this group, send an email to:
    > cisco-ttl-unsubscribe_at_yahoogroups.com
    >
    === message truncated ===

    __________________________________
    Do you Yahoo!?
    Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
    http://hotjobs.sweepstakes.yahoo.com/signingbonus

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    Yahoo! Groups Links

    To visit your group on the web, go to:
     http://groups.yahoo.com/group/cisco-ttl/

    To unsubscribe from this group, send an email to:
     cisco-ttl-unsubscribe_at_yahoogroups.com

    Your use of Yahoo! Groups is subject to:
     http://docs.yahoo.com/info/terms/



    This archive was generated by hypermail 2.1.5 : Mon Jan 19 2004 - 10:43:34 GMT