Forum

Cisco 878 ve zyxel ...
 
Bildirimler
Hepsini Temizle

Cisco 878 ve zyxel 793H arasında site-to-site VPN kurulumu

2 Yazılar
2 Üyeler
0 Reactions
521 Görüntüleme
(@Anonim)
Gönderiler: 0
Konu başlatıcı
 

Merhaba arkadaşlar

Cisco 878 ve zyxel 793H arasında site-to-site VPN kurulumu yapmaya calisiyorum cisco uzerindeki konfigurasyonu asagidaki gibi yaptim yanlis bir satir varmidir, cunku UP olmuyor bir turlu.Bu konuda tecrubeli arkadaslar yardimci olmanizi rica ederim.

Cisco dış ip :   212.154.x.xxx

Cisco local ip : 192.168.100.1.

Zyxel Dış ıp: 212.156.x.x

Zyxel local ip : 10.0.10.1

Tesekkurler

Building configuration...

Current configuration : 7206 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname xxx
!
boot-start-marker
boot-end-marker
!
logging buffered 52000
enable secret 5 $1$MIVw$/kCUC50A2TUdkf78nZws8.
enable password 7 0878141B5B4B55
!
aaa new-model
!
!
aaa authentication login default local
aaa authorization exec default local
!
!
aaa session-id common
!
crypto pki trustpoint TP-self-signed-645331598
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-645331598
 revocation-check none
 rsakeypair TP-self-signed-645331598
!
!
crypto pki certificate chain TP-self-signed-645331598
 certificate self-signed 01
  3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 36343533 33313539 38301E17 0D303230 33303130 30303634
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3634 35333331
  35393830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  D642AA27 76D5FA25 A5489011 93EFA886 7AECFB84 B0FB461B ED0A1958 666038BB
  463A3029 73EE7597 A29F0C34 9AC5B592 F523420C D36AD2FA 73FEB243 DBB278BB
  9D5C8F2A 762EF3A6 322C5E54 13C92844 A1386C1A 11062ECA 8ECB6EC6 A2BB9CEA
  6A8BF3B5 7ED0ABE0 968C0C49 E9010CEA 9A007809 0CFC711F 52C931B2 393142E3
  02030100 01A37430 72300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
  11041830 16821441 73626973 2E796F75 72646F6D 61696E2E 636F6D30 1F060355
  1D230418 30168014 EBDDD3C7 1AC050F6 40A939FD 59A38AF1 2F86834E 301D0603
  551D0E04 160414EB DDD3C71A C050F640 A939FD59 A38AF12F 86834E30 0D06092A
  864886F7 0D010104 05000381 8100CB77 3BBF414A 65C5477C F53D6A1B 80043885
  9FDDB9F3 D99F5A00 91819FDF 204A246B E9D63409 DA3638C4 086321C3 1A0674F3
  346D1B5D 15786D86 14D3BB4C FA1A54CA 105B9455 57AE3C52 312828E2 2F5504F8
  DFFC03BD 83A3FE61 8285191B CAD25DCA B604BB5A 4A15D551 3A705830 9B094794
  AD6F4E7D 36F16AC3 638A3976 A020
        quit
dot11 syslog
ip cef
!
!
no ip domain lookup
ip domain name yourdomain.com
ip name-server 193.192.98.8
ip name-server 193.192.98.9
!
!
!
username abc privilege 15 secret 5 $1$D5Wq$eNeZfaTejvWaHlTkdq2ZA0
username abcd privilege 15 password 7 106F1A1D5C4F47595E54
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp policy 2
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key 148655 address 212.156.x.x
!
!
crypto ipsec transform-set MerkezSube esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
 description Tunnel to212.156.x.x
 set peer 212.156.x.x
 set transform-set MerkezSube
 set pfs group2
 match address 100
!
archive
 log config
  hidekeys
!
!
controller DSL 0
 mode atm
 line-term cpe
 line-mode 2-wire line-zero
 dsl-mode shdsl symmetric annex B
 line-rate 1024
!
!
!
!
interface BRI0
 no ip address
 encapsulation hdlc
 shutdown
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 pvc 8/35
  encapsulation aal5snap
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 description ethernet bacagi
 ip address 212.154.x.x 255.255.255.248 secondary
 ip address 192.168.100.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Dialer0
 bandwidth 2048
 ip address negotiated
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username euheu@uehe password 7 040F03555929145F0018
04
 crypto map SDM_CMAP_1
!
no ip forward-protocol nd
ip route static adjust-time 30
ip route profile
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
ip nat inside source static 192.168.100.12 212.154.x.x
!
access-list 1 permit 192.168.100.0 0.0.0.255
access-list 70 permit 193.192.97.2
access-list 70 permit 193.192.97.64 0.0.0.31
access-list 70 permit 193.192.98.224 0.0.0.15
access-list 100 remark SDM_ACL Category=6
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.100.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 100 remark IPSec Rule
access-list 100 deny   ip 192.168.100.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 remark SDM_ACL Category=2
access-list 101 remark IPSec Rule
access-list 101 deny   ip 192.168.100.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 101 permit ip 192.168.100.0 0.0.0.255 any
access-list 102 remark SDM_ACL Category=2
access-list 102 remark IPSec Rule
access-list 102 deny   ip 192.168.100.0 0.0.0.255 10.0.0.0 0.255.255.255
access-list 102 permit ip 192.168.100.0 0.0.0.255 any
dialer-list 1 protocol ip permit
snmp-server community asb%cn&tr RO 70
snmp-server ifindex persist
no cdp run
!
!
route-map SDM_RMAP_1 permit 1
 match ip address 100 1
!
!
control-plane
!
banner exec ^C
% Password expiration warning.

 
Gönderildi : 13/12/2011 23:32

(@ilyasYILDIZ)
Gönderiler: 441
Honorable Member
 

Merhaba , 

Zyxel tarafındaki ekran görüntülerini paylaşır mısınız ?

Bir de route-map SDM_RMAP_1 permit 1
 match ip address 100 1 ( access-list 100 mü yoksa 101 mi ? 

 
Gönderildi : 14/12/2011 14:01

Paylaş: