CiscoForums.it

Ciao a tutti , mi sapete dire cosa ho sbagliato ?

questa è la mia configurazione telecom hdsl 2mb

Using 2403 out of 29688 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname XXXXX
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$Yr0y$gSeddGXVWvfQj5hYXmhTY/
!
no aaa new-model
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
crypto pki trustpoint TP-self-signed-524163059
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-524163059
revocation-check none
rsakeypair TP-self-signed-524163059
!
!
crypto pki certificate chain TP-self-signed-524163059
certificate self-signed 01 nvram:IOS-Self-Sig#3939.cer
username admin privilege 15 password 0 admin
username ciscos privilege 15 secret 5 $1$4sGR$4uscMbJuHTqzirIRnP35G.
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 2
encr 3des
hash md5
authentication pre-share
crypto isakmp key XXXXX address XXX.XXX.XXX.XXX
!
!
crypto ipsec transform-set 1 esp-3des esp-md5-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel toXXX.XXX.XXX.XXX
set peer XXX.XXX.XXX.XXX
set transform-set 1
match address 100
!
!
!
interface Loopback0
ip address XXX.XXX.XXX.XXX 255.255.255.240
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
!
interface FastEthernet0
ip address 192.168.235.254 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
speed auto
crypto map SDM_CMAP_1
!
interface Serial0
no ip address
no ip proxy-arp
ip nat outside
ip virtual-reassembly
encapsulation frame-relay IETF
no fair-queue
frame-relay lmi-type cisco
!
interface Serial0.1 point-to-point
ip address XXX.XXX.XXX.XXX 255.255.255.252
ip nat outside
ip virtual-reassembly
frame-relay interface-dlci 297 IETF
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Serial0.1
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface Loopback0 overload
!
access-list 1 permit 192.168.235.0 0.0.0.255
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.235.0 0.0.0.255 192.168.22.0 0.0.0.255
access-list 104 permit tcp any any eq telnet
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 40 0
privilege level 15
password cisco
login local
transport input telnet ssh
!
end

Grazie

Alex

Ma poi cosa vinco?
Sembra il giochino "trova le differenze"

Battute a parte io guarderei la configurazione della seriale, sei sicuro che l'incapsulamento sia corretto così? Inoltre AFAIK il nat sulla loopback non ti serve come altri comandi che, sempre AFAIK, sono superflui (ma non credo controproducenti)

Lo cosa ti dice? E' tutto up? E i log?

Rizio

Ciao,
prova a cambiare il tipo lmi in ANSi

Oppure ancora meglio leva il comando e lascia che lo trovi lui.

Se non va posta posta lo stato del frame-relay e delle interfacce.

Paolo

Scusate colpa mia, la configurazione andava bene poi mi sono accorto che l'interfaccia serial0.1 era in shutdown.

Grazie come sempre per il vostro aiuto

Alex