AIUTOOOOOO problema su conf VPN con comando Incomplete

Tutto ciò che ha a che fare con la configurazione di apparati Cisco (e non rientra nelle altre categorie)

Moderatore: Federico.Lagni

Rispondi
Angar
n00b
Messaggi: 15
Iscritto il: gio 23 giu , 2005 5:02 pm

ciao a tutti,
ho fatto questa configurazione su un Router 827 ma facendo uno SH RUN
mi da una riga INCOMPLETE......
bho
vi inserisco la conf::::::

Current configuration : 1803 bytes
!
version 12.1
no service single-slot-reload-enable
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname qqqqqqqqqqqqqqqqqqqqqqqqqq
!
no logging rate-limit
enable secret 5 $1$M2YC$nDvkEEECQ1CTcFTXGX.gO0
enable password wwwwwwwwwwwwwwwwwwww
!
username qqqqqqqqq password 0 wwwwwwwwwwwwwwwwwwwww
ip subnet-zero
no ip finger
ip dhcp excluded-address 10.10.y.y
!
no ip dhcp-client network-discovery
call rsvp-sync
!
!
!
!
!
!
!
crypto isakmp policy 20
authentication pre-share
group 2
crypto isakmp key sharedkey address (ip router remoto)
!
!
crypto ipsec transform-set dsltest esp-des esp-md5-hmac
!
crypto map test 10 ipsec-isakmp
! Incomplete
set peer (ip router remoto)
set transform-set dsltest
match address 101
!
!
!
!
interface Ethernet0
ip address 10.10.y.y 255.255.255.0
ip nat inside
hold-queue 100 out
!
interface ATM0
no ip address
no atm ilmi-keepalive
bundle-enable
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address zz.zz.zz.zz 255.255.255.0
ip nat outside
pvc 8/35
encapsulation aal5snap
!
!
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
no ip http server
!
ip nat inside source list 1 interface ATM0.1 overload
ip nat inside source static tcp 10.10.y.y 80 zz.zz.zz.zz 80 extendable
ip nat inside source static tcp 10.10.y.y 1723 zz.zz.zz.zz 1723 extendable
access-list 1 permit 10.y.y.0 0.0.0.255
access-list 2 permit 10.x.x.0 0.0.0.255
access-list 10 permit 192.168.0.0 0.0.0.255
access-list 11 permit 192.168.x.0 0.0.0.255
!
voice-port 1
!
voice-port 2
!
voice-port 3
!
voice-port 4
!
!
line con 0
exec-timeout 120 0
transport input none
stopbits 1
line vty 0 4
exec-timeout 120 0
password xxxxxxx
login local
length 0
!
scheduler max-task-time 5000
end

ciscoxxx#
Angaretto
Top
Renato.Efrati
Holy network Shaman
Messaggi: 637
Iscritto il: gio 07 apr , 2005 9:30 pm
Località: Cisco Systems Inc. West Tasman Drive 170, San Jose CA
Contatta:
Contatta Renato.Efrati

sotto la crypto map hai messo match address 101
pero' nn hai fatto la crypto access list 101.....

CCIE Routing & Switching # 20567
CCNP R&S - CCNP Sec - CCNP Collaboration - CCNP Datacenter - CCDP - VCP6-DCV

Top
Rispondi

Torna a “Configurazioni”