[cisco-ttl] Re: Cisco VPN

From: serust (sustundag_at_tepum.com.tr)
Date: Tue Aug 10 2004 - 08:05:04 GMT

  • Next message: Serhat Uslay: "Re: [cisco-ttl] İstanbul Resimleri İstiyenler Buyursun 1"

    Selam

    http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration
    _example09186a00800949e1.shtml

    12.0.7.T veya sonrasini gerektiriyor tam sana gore...
    Kolay gelsin

    --- In cisco-ttl_at_yahoogroups.com, Besir KAYAR <bekirkaya20_at_y...>
    wrote:
    > Arkadaşlar...
    >
    > Sizlere Cisco VPN ile ilgili bir sorum olacak.2600 routerda vpn
    yapmaya çalışıyorum.Üst versiyon IOS la vpn i çalıştırdım fakat canlı
    uygulamada üst versiyonun rami ve flaşı yeterli gelmiyor.c2600-
    io3s56i-mz.120-7.T3.bin versiyonı ile yapmam gerekiyor.Bu versiyonla
    yapıncada
    > crypto isakmp client configuration group 3000client
    > komutunu çalıştıramıyorum.Farklı bir şekilde yapmam gerekiyor.Bunla
    ilgili elinde dokuman veya tecrübesi olan varsa paylaşırsa sevinirim.
    >
    > Teşekkürler
    >
    > Üst versiyonla yaptığımım benzer konfig aşağıda...
    >
    >
    > aaa new-model
    > aaa authentication login userauthen local
    > aaa authorization network groupauthor local
    > aaa session-id common
    > !
    > username cisco password 0 cisco
    > memory-size iomem 15
    > mmi polling-interval 60
    > no mmi auto-configure
    > no mmi pvc
    > mmi snmp-timeout 180
    > ip subnet-zero
    > !
    > !
    > no ip domain-lookup
    > !
    > ip audit notify log
    > ip audit po max-events 100
    > !
    > crypto isakmp policy 3
    > hash md5
    > authentication pre-share
    > group 2
    > !
    > crypto isakmp client configuration group 3000client
    > key cisco123
    > pool ippool
    > acl 108
    > !
    > crypto ipsec transform-set myset esp-des esp-md5-hmac
    > !
    > crypto dynamic-map dynmap 10
    > set transform-set myset
    > !
    > crypto map clientmap client authentication list userauthen
    > crypto map clientmap isakmp authorization list groupauthor
    > crypto map clientmap client configuration address initiate
    > crypto map clientmap client configuration address respond
    > crypto map clientmap 10 ipsec-isakmp dynamic dynmap
    > !
    > interface FastEthernet0
    > ip address 196.0.0.1 255.255.255.0
    > speed auto
    > !
    > interface Serial0
    > ip address 193.0.0.1 255.255.255.0
    > encapsulation ppp
    > no fair-queue
    > clockrate 64000
    > crypto map clientmap
    > !
    > ip local pool ippool 197.0.0.3 197.0.0.5
    > ip classless
    > ! Important: Router must know how to reach remote VPN client via
    both its permanent IP address AND temporary VPN address:
    > ip route 0.0.0.0 0.0.0.0 Serial0
    > no ip http server
    > ip pim bidir-enable
    > !
    > !
    > logging trap debugging
    > ! Important: Needed to support split-tunneling, ie. data are
    sent encrypted or in clear text depending on destination address:
    > access-list 108 permit ip 196.0.0.0 0.0.0.255 197.0.0.0
    0.0.0.255
    > !
    > !
    > line con 0
    > line aux 0
    > line vty 0 4
    > !
    > no scheduler allocate
    > end
    >
    >
    > ---------------------------------
    > Do you Yahoo!?
    > Read only the mail you want - Yahoo! Mail SpamGuard.

    ------------------------ Yahoo! Groups Sponsor --------------------~-->
    Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
    Now with Pop-Up Blocker. Get it for free!
    http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/26EolB/TM
    --------------------------------------------------------------------~->

    Bu listenin Cisco Systems ile herhangi bir baglantisi bulunmamaktadir.

    Listeden cikmak için cisco-ttl-unsubscribe_at_yahoogroups.com adresine bir e-posta gönderebilirsiniz.
    Yahoo! Groups Links

    <*> To visit your group on the web, go to:
        http://groups.yahoo.com/group/cisco-ttl/

    <*> To unsubscribe from this group, send an email to:
        cisco-ttl-unsubscribe_at_yahoogroups.com

    <*> Your use of Yahoo! Groups is subject to:
        http://docs.yahoo.com/info/terms/
     



    This archive was generated by hypermail 2.1.5 : Tue Aug 10 2004 - 12:06:13 GMT