Ho la necessità per un cliente di creare una vpn su rete Telecom. Ho acquistato 2 router 857 e ho anche gli indirizzi ip statici assegnati dall' isp. Dove trovo la configurazione??
Se necessario posso pubblicare gli ip assegnati da Telecom.
Grazie in anticipo.
Cisco 857 e vpn
Moderatore: Federico.Lagni
-
Helix
- Messianic Network master
- Messaggi: 1175
- Iscritto il: mar 04 dic , 2007 6:45 pm
- Località: Frosinone
- Contatta:
Nella sezione VPN ci sono molti topic al riguardo.
Poi chiedere di farsi fare la conf non è molto carino!
Poi chiedere di farsi fare la conf non è molto carino!
---
Ciao, Leonardo
"Guarda che il VSS è migliore dell' MPLS"
"Io amo le rotte statiche e non mi fido dei protocolli di RUTING"
"Io ho lavorato per Telecom...li è tutto Layer 2 e tutto RUTING statico"
"L'MPLS VPN è come l' ATM e farà la sua stessa fine"
"A noi l'MPLS non CE n'teressa...mejo se usamo il FlexLink"
"Spostiamo il Livello 3 della Vlan dal Core al Service Edge ma senza modificare il RUTING..."
"Ma sul 3650 a 4 porte si può fare lo stAcK?"
"Noi usiamo quel coso lì...che maschera gli IPPPI'...capito no?"
"Forse non hai capito...puoi risolvere il problema usando le sub-vlan"
Cisco CCNP, CCDP Certified
Ciao, Leonardo
"Guarda che il VSS è migliore dell' MPLS"
"Io amo le rotte statiche e non mi fido dei protocolli di RUTING"
"Io ho lavorato per Telecom...li è tutto Layer 2 e tutto RUTING statico"
"L'MPLS VPN è come l' ATM e farà la sua stessa fine"
"A noi l'MPLS non CE n'teressa...mejo se usamo il FlexLink"
"Spostiamo il Livello 3 della Vlan dal Core al Service Edge ma senza modificare il RUTING..."
"Ma sul 3650 a 4 porte si può fare lo stAcK?"
"Noi usiamo quel coso lì...che maschera gli IPPPI'...capito no?"
"Forse non hai capito...puoi risolvere il problema usando le sub-vlan"
Cisco CCNP, CCDP Certified
-
kinetz
- n00b
- Messaggi: 5
- Iscritto il: gio 25 set , 2008 9:18 pm
- Contatta:
Non mi è parso di chiedere di FARE la configurazione, ma solo dove trovare la configurazione.Helix ha scritto:Nella sezione VPN ci sono molti topic al riguardo.
Poi chiedere di farsi fare la conf non è molto carino!
-
Wizard
- Intergalactic subspace network admin
- Messaggi: 3441
- Iscritto il: ven 03 feb , 2006 10:04 am
- Località: Emilia Romagna
- Contatta:
Il futuro è fatto di persone che hanno delle intuizioni e visioni .....sono quelle persone che fanno la differenza...... quelle dotate di un TERZO OCCHIO....
-
kinetz
- n00b
- Messaggi: 5
- Iscritto il: gio 25 set , 2008 9:18 pm
- Contatta:
Ho finalmente fatto la config. ma purtroppo non funge, se la pubblico gli dareste un'occhiata???
Grazie in anticipo.
Authorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!
User Access Verification
Current configuration : 5186 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname sudricambi
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$IpKw$pR.ruUUguyir37BbYZXrT.
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-3314256107
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3314256107
revocation-check none
rsakeypair TP-self-signed-3314256107
!
!
crypto pki certificate chain TP-self-signed-3314256107
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33333134 32353631 3037301E 170D3032 30333031 30303037
30325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33313432
35363130 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100DBEB C1DAB9DB BF9C0BE4 5C1FA4E3 5BDA1A07 6734690F 32A7F95E E12B5289
2881DC73 BE43E497 342526E7 EEB7C722 6682197B DC383A99 EA5FD545 83C886DB
C4D6012A 14D27F1B 42003967 D5BB73D0 4C8A52EB A42C6CC4 214B3FE4 2E72FE16
5EB3E9D7 343682DF 8BC1A170 BD64C298 06577ABD 9FB19D92 A0BBDB22 8DE2771A
A2E70203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 19737564 72696361 6D62692E 796F7572 646F6D61 696E2E63
6F6D301F 0603551D 23041830 168014A7 B288B141 512DF934 BA055677 EA81C9C9
8ABBC030 1D060355 1D0E0416 0414A7B2 88B14151 2DF934BA 055677EA 81C9C98A
BBC0300D 06092A86 4886F70D 01010405 00038181 00A9376E 5B072746 DF33FC3F
A957C44D C51DF077 01AE64A7 942D389D 89F6BE4F 9E06E0CF 93C9B760 A31F34C1
C8DD4AEF 81A94FA9 92E80B1C B4C7722A BF57D5CF 37E5B1B9 C375F855 F314CE30
9C876C63 4ABBAFD1 932AC42D 757C3F83 333846DF B05DBB6A BA48B07F F6A2220F
7B1A5448 A1B2F569 E487294E 62E9E348 C7553713 BF
quit
dot11 syslog
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username Filetech privilege 15 secret 5 $1$FO6k$OC2nQCo0t4HbXV5QIGwMZ0
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.45.164.146 255.255.255.0
ip nat outside
ip virtual-reassembly
pvc 8/35
oam-pvc manage
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 79.15.160.15 255.255.255.0 secondary
ip address 10.10.10.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
no ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool inter 79.15.160.15 79.15.160.15 netmask 255.255.255.0
ip nat inside source list 50 pool inter overload
!
logging trap debugging
snmp-server community public RO
snmp-server enable traps tty
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
sudricambi#
sudricambi#
Grazie in anticipo.
Authorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!
User Access Verification
Current configuration : 5186 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname sudricambi
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$IpKw$pR.ruUUguyir37BbYZXrT.
!
no aaa new-model
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
!
crypto pki trustpoint TP-self-signed-3314256107
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-3314256107
revocation-check none
rsakeypair TP-self-signed-3314256107
!
!
crypto pki certificate chain TP-self-signed-3314256107
certificate self-signed 01
30820251 308201BA A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33333134 32353631 3037301E 170D3032 30333031 30303037
30325A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 33313432
35363130 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100DBEB C1DAB9DB BF9C0BE4 5C1FA4E3 5BDA1A07 6734690F 32A7F95E E12B5289
2881DC73 BE43E497 342526E7 EEB7C722 6682197B DC383A99 EA5FD545 83C886DB
C4D6012A 14D27F1B 42003967 D5BB73D0 4C8A52EB A42C6CC4 214B3FE4 2E72FE16
5EB3E9D7 343682DF 8BC1A170 BD64C298 06577ABD 9FB19D92 A0BBDB22 8DE2771A
A2E70203 010001A3 79307730 0F060355 1D130101 FF040530 030101FF 30240603
551D1104 1D301B82 19737564 72696361 6D62692E 796F7572 646F6D61 696E2E63
6F6D301F 0603551D 23041830 168014A7 B288B141 512DF934 BA055677 EA81C9C9
8ABBC030 1D060355 1D0E0416 0414A7B2 88B14151 2DF934BA 055677EA 81C9C98A
BBC0300D 06092A86 4886F70D 01010405 00038181 00A9376E 5B072746 DF33FC3F
A957C44D C51DF077 01AE64A7 942D389D 89F6BE4F 9E06E0CF 93C9B760 A31F34C1
C8DD4AEF 81A94FA9 92E80B1C B4C7722A BF57D5CF 37E5B1B9 C375F855 F314CE30
9C876C63 4ABBAFD1 932AC42D 757C3F83 333846DF B05DBB6A BA48B07F F6A2220F
7B1A5448 A1B2F569 E487294E 62E9E348 C7553713 BF
quit
dot11 syslog
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool1
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
!
!
ip cef
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
no ip bootp server
no ip domain lookup
ip domain name yourdomain.com
!
!
!
username Filetech privilege 15 secret 5 $1$FO6k$OC2nQCo0t4HbXV5QIGwMZ0
!
!
archive
log config
hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address 88.45.164.146 255.255.255.0
ip nat outside
ip virtual-reassembly
pvc 8/35
oam-pvc manage
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 79.15.160.15 255.255.255.0 secondary
ip address 10.10.10.2 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
hold-queue 100 out
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
!
no ip http server
ip http access-class 23
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat pool inter 79.15.160.15 79.15.160.15 netmask 255.255.255.0
ip nat inside source list 50 pool inter overload
!
logging trap debugging
snmp-server community public RO
snmp-server enable traps tty
no cdp run
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device and
it provides the default username "cisco" for one-time use. If you have already
used the username "cisco" to login to the router and your IOS image supports the
"one-time" user option, then this username has already expired. You will not be
able to login to the router with this username after you exit this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
sudricambi#
sudricambi#
