RE: [cisco-ttl] pix vpn sorunu

From: sustundag_at_secura.com.tr
Date: Wed Jan 21 2004 - 07:59:42 GMT

  • Next message: Duygu Dogmus: "RE: [cisco-ttl] ADSL Statik IP"

    Ya sen dial up dan da denettin aynı durum mu var ..
    Tunel kuruluyor trafik yok?
    Conduitlerin sorun olacagını sanmıyorum

    Serkan Ustundag

     

    Network and Security Engineer

    CCNP,CCDP,CCSE

    CCSP (Cisco Certified Security Professional)

    Cisco Network Management Specialist

    sustundag_at_secura.com.tr

     Secura bir TEPUM grup şirketidir.

     Gazeteciler Mahallesi Haberler Sokak

    No:8 34394 Esentepe Istanbul

    Direkt: +90 212 355 06 40

    Santral: +90 212 355 06 00

    Faks: +90 212 275 71 15

     

    www.secura.com.tr

    www.tepum.com.tr

    -----Original Message-----
    From: onur kasap [mailto:kasap_onur_at_yahoo.com]
    Sent: Wednesday, January 21, 2004 11:50 AM
    To: cisco-ttl_at_yahoogroups.com
    Subject: RE: [cisco-ttl] pix vpn sorunu

    merhaba
    serkan hocam herseyi denedim bir turlu olmuyor.
    allow ipsec over udp (nat/pat ) isaretli.
    pdm den wizard i kullandim tekrar yaptim olmadi.

    acaba conduit lerin kullanilmis olmasi bir sorun
    yaratirmi. (sattic tanimlari ile beraber kullanilmis
    conduit ler)

    --- sustundag_at_secura.com.tr wrote:
    > Clientlar PIX`e gelene kadar NAT`a ugruyorlarmi ya
    > da dial-up ile mi geliyorlar
    > Bir de routing problemi falan olabilir diye denemek
    > icin eger bos ip araligi varsa pool`u `192.168.2.0
    > networkunden verirmisin
    >
    >
    >
    > Serkan Ustundag
    >
    > Network and Security Engineer
    > CCNP,CCDP,CCSE
    > CCSP (Cisco Certified Security Professional)
    > Cisco Network Management Specialist
    > sustundag_at_secura.com.tr
    >
    >
    > Secura bir TEPUM grup þirketidir.
    >
    > Gazeteciler Mahallesi Haberler Sokak
    > No:8 34394 Esentepe Istanbul
    > Direkt: +90 212 355 06 40
    > Santral: +90 212 355 06 00
    > Faks: +90 212 275 71 15
    >
    > www.secura.com.tr
    > www.tepum.com.tr
    >
    >
    > -----Original Message-----
    > From: onur kasap [mailto:kasap_onur_at_yahoo.com]
    > Sent: Friday, January 16, 2004 6:53 PM
    > To: cisco-ttl_at_yahoogroups.com
    > Subject: RE: [cisco-ttl] pix vpn sorunu
    >
    > oncelikle tesekkur ederim,
    > access-list zaten dediginiz gibi
    >
    > ikisininde sequence numberlarini 10 yapincada vpn
    > client ile baglanamadim.
    >
    > crypto dynamic-map cisco 10 set transform-set strong
    > crypto map partner-map 10 ipsec-isakmp dynamic cisco
    >
    >
    >
    >
    >
    > --- sustundag_at_secura.com.tr wrote:
    > > Access-listin
    > > access-list 80 permit ip 192.168.2.0 255.255.255.0
    > > 192.168.10.0 255.255.255.0 seklinde olmasi lazim
    > >
    > > crypto dynamic-map cisco 10 set transform-set
    > strong
    > > crypto map partner-map 20 ipsec-isakmp dynamic
    > cisco
    > >
    > > Buradaki sequence numberlari farkli
    > >
    > >
    > > Serkan Ustundag
    > >
    > > Network and Security Engineer
    > > CCNP,CCDP,CCSE
    > > CCSP (Cisco Certified Security Professional)
    > > Cisco Network Management Specialist
    > > sustundag_at_secura.com.tr
    > >
    > >
    > > Secura bir TEPUM grup ºirketidir.
    > >
    > > Gazeteciler Mahallesi Haberler Sokak
    > > No:8 34394 Esentepe Istanbul
    > > Direkt: +90 212 355 06 40
    > > Santral: +90 212 355 06 00
    > > Faks: +90 212 275 71 15
    > >
    > > www.secura.com.tr
    > > www.tepum.com.tr
    > >
    > > -----Original Message-----
    > > From: onur kasap [mailto:kasap_onur_at_yahoo.com]
    > > Sent: Friday, January 16, 2004 5:26 PM
    > > To: cisco-ttl_at_yahoogroups.com
    > > Subject: [cisco-ttl] pix vpn sorunu
    > >
    > > merhaba arkadaslar
    > > merkezimize uzaktan vpn client version 3.5 ile pix
    > > 6.3
    > > uzerinden local network e baglanmaya calisiyorum.
    > > asagidaki konfigurasyonu girdim. pix ile baglanti
    > > saglaniyor fakat icerideki hic bir makineye
    > > ulasamiyorum (192.168.10.0 li network icin route
    > > ekledigim halde).
    > >
    > > aklima hicbir sey gelmiyor
    > > yardimci olabilirseniz cok sevinirim.
    > > tesekkurler
    > >
    > > isakmp enable outside
    > > isakmp policy 10 encryption 3des
    > > isakmp policy 10 hash md5
    > > isakmp policy 10 authentication pre-share
    > > isakmp policy 10 group 2
    > > isakmp key ***** address 0.0.0.0 netmask 0.0.0.0
    > >
    > > access-list 80 permit ip 192.168.2.0 255.255.255.0
    > > 192.168.10.0 255.255.255.0
    > > nat(inside) 0 access-list 80
    > >
    > > crypto ipsec transform-set strong esp-3des
    > > esp-sha-hmac
    > > crypto dynamic-map cisco 10 set transform-set
    > strong
    > > crypto map partner-map 20 ipsec-isakmp dynamic
    > cisco
    > > crypto map partner-map interface outside
    > >
    > > ip local pool havuz 192.168.10.100-192.168.10.254
    > > isakmp client configuration address-pool local
    > > dealer
    > > outside
    > >
    > > vpngroup bagcilarbld address-pool havuz
    > > vpngroup bagcilarbld split-tunnel 80
    > > vpngroup bagcilarbld idle-time 1800
    > > vpngroup bagcilarbld password ******
    > > sysopt connection permit-ipsec
    > >
    > > __________________________________
    > > Do you Yahoo!?
    > > Yahoo! Hotjobs: Enter the "Signing Bonus"
    > > Sweepstakes
    > > http://hotjobs.sweepstakes.yahoo.com/signingbonus
    > >
    > > Bu listenin Cisco Systems ile dogrudan herhangi
    > bir
    > > baglantisi bulunmamaktadir.
    > >
    > > Listeden cikmak için
    > > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > > e-posta gönderebilirsiniz.
    > >
    > >
    > > Yahoo! Groups Links
    > >
    > > To visit your group on the web, go to:
    > > http://groups.yahoo.com/group/cisco-ttl/
    > >
    > > To unsubscribe from this group, send an email to:
    > > cisco-ttl-unsubscribe_at_yahoogroups.com
    > >
    > > Your use of Yahoo! Groups is subject to:
    > > http://docs.yahoo.com/info/terms/
    > >
    > >
    > >
    > >
    > > Bu listenin Cisco Systems ile dogrudan herhangi
    > bir
    > > baglantisi bulunmamaktadir.
    > >
    > > Listeden cikmak için
    > > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > > e-posta gönderebilirsiniz.
    > >
    > > Yahoo! Groups Links
    > >
    > > To visit your group on the web, go to:
    > > http://groups.yahoo.com/group/cisco-ttl/
    > >
    > > To unsubscribe from this group, send an email to:
    > > cisco-ttl-unsubscribe_at_yahoogroups.com
    > >
    > > Your use of Yahoo! Groups is subject to:
    > > http://docs.yahoo.com/info/terms/
    > >
    > >
    >
    >
    > __________________________________
    > Do you Yahoo!?
    > Yahoo! Hotjobs: Enter the "Signing Bonus"
    > Sweepstakes
    > http://hotjobs.sweepstakes.yahoo.com/signingbonus
    >
    > Bu listenin Cisco Systems ile dogrudan herhangi bir
    > baglantisi bulunmamaktadir.
    >
    > Listeden cikmak için
    > cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir
    > e-posta gönderebilirsiniz.
    >
    > Yahoo! Groups Links
    >
    > To visit your group on the web, go to:
    > http://groups.yahoo.com/group/cisco-ttl/
    >
    > To unsubscribe from this group, send an email to:
    > cisco-ttl-unsubscribe_at_yahoogroups.com
    >
    === message truncated ===

    __________________________________
    Do you Yahoo!?
    Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
    http://hotjobs.sweepstakes.yahoo.com/signingbonus

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.

    ------------------------ Yahoo! Groups Sponsor ---------------------~-->
    Buy Ink Cartridges or Refill Kits for your HP, Epson, Canon or Lexmark
    Printer at MyInks.com. Free s/h on orders $50 or more to the US & Canada.
    http://www.c1tracking.com/l.asp?cid=5511
    http://us.click.yahoo.com/mOAaAA/3exGAA/qnsNAA/26EolB/TM
    ---------------------------------------------------------------------~->

    Yahoo! Groups Links

    To visit your group on the web, go to:
     http://groups.yahoo.com/group/cisco-ttl/

    To unsubscribe from this group, send an email to:
     cisco-ttl-unsubscribe_at_yahoogroups.com

    Your use of Yahoo! Groups is subject to:
     http://docs.yahoo.com/info/terms/

    Bu listenin Cisco Systems ile dogrudan herhangi bir baglantisi bulunmamaktadir.
    Listeden cikmak iin cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gnderebilirsiniz.
    Yahoo! Groups Links
    To visit your group on the web, go to: http://groups.yahoo.com/group/cisco-ttl/
    To unsubscribe from this group, send an email to: cisco-ttl-unsubscribe_at_yahoogroups.com
    Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/



    This archive was generated by hypermail 2.1.5 : Wed Jan 21 2004 - 11:59:36 GMT