Ciao a tutti.
Sono Nuovo del forum.
Vorrei porvi una domanda perche non ho trovato molto sul web
Dovrei crare una VPN statica tra due sedi remotizzate dove fare passare DATI e FONIA ip, le due sedi hanno linee telecom italia, con 2 indirizzi pubblici.
sade A
Router 1801 IP lan 192.168.1.xxx
sebe B
non ancora pronta
---
il mio obbiettivo è quello di creare una vpn sempre up in modo che gli utenti della sede B possano accedere sul server della sede A per lavorare come se fossero in sede, e inoltre la possibilità di collegare telefoni IP nella sede B con un centralino IP installato nella sede A
Mi potete aiutare??
serve qualche altro apparato??
nella Sede B posso installare un qualsiasi Router.
posto la conf rel router della sede A
In attesa di una risposta cordiali saluti
show run
Building configuration...
Current configuration : 4583 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no service password-recovery
!
hostname SEDE_A
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.220
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.99.253
ip dhcp excluded-address 192.168.1.100
!
ip dhcp pool LAN_MI
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
option 150 ip 192.168.1.201
dns-server 151.99.125.1 151.99.0.100
!
!
no ip domain lookup
!
isdn switch-type basic-5ess
!
!
!
!
!
!
interface Tunnel0
ip unnumbered Vlan1
tunnel source Dialer1
tunnel destination 82.55.96.126
!
interface FastEthernet0
no ip address
ip nat inside
no ip virtual-reassembly
shutdown
speed auto
full-duplex
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn switch-type basic-5ess
isdn point-to-point-setup
!
interface FastEthernet1
speed 100
!
interface FastEthernet2
speed 100
!
interface FastEthernet3
speed 100
!
interface FastEthernet4
speed 100
!
interface FastEthernet5
description ----Switch
duplex full
speed 100
!
interface FastEthernet6
description ---CENTRALINO
!
interface FastEthernet7
description ---CLIENT1
duplex full
speed 100
!
interface FastEthernet8
description --- Trunking 802.1q verso Cisco 2950 in laboratorio ---
switchport mode trunk
speed 100
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
dsl operating-mode auto
!
interface Vlan1
description ------------LAN-Ufficio
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip virtual-reassembly
!
interface Vlan99
description -----------Vlan Laboratorio
ip address 192.168.99.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
interface Dialer1
description ALICE ADSL
ip address negotiated
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
no ip route-cache cef
no ip route-cache
no ip mroute-cache
dialer pool 1
dialer-group 1
ppp authentication chap callin
ppp pap sent-username [email protected] password 0 123456
!
interface Dialer0
no ip address
ip nat outside
ip virtual-reassembly
!
router eigrp 10
redistribute connected
redistribute static
network 192.168.99.0
auto-summary
no eigrp log-neighbor-changes
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 192.168.11.0 255.255.255.0 Tunnel0
!
!
ip http server
no ip http secure-server
ip nat inside source static udp 192.168.1.201 5900 interface Dialer1 5900
ip nat inside source static tcp 192.168.1.201 5900 interface Dialer1 5900
ip nat inside source static tcp 192.168.1.201 21 interface Dialer1 21
ip nat inside source static udp 192.168.1.201 21 interface Dialer1 21
ip nat inside source route-map NONAT interface Dialer1 overload
ip nat inside source static tcp 192.168.1.4 4662 interface Dialer1 4662
ip nat inside source static udp 192.168.1.4 4672 interface Dialer1 4672
ip nat inside source static udp 192.168.1.4 6881 interface Dialer1 6881
ip nat inside source static tcp 192.168.1.4 6881 interface Dialer1 6881
ip nat inside source static udp 192.168.1.239 6889 interface Dialer1 6889
ip nat inside source static udp 192.168.1.7 6883 interface Dialer1 6883
ip nat inside source static tcp 192.168.1.7 6883 interface Dialer1 6883
ip nat inside source static tcp 192.168.1.201 7000 interface Dialer1 7000
ip nat inside source static udp 192.168.1.201 7000 interface Dialer1 7000
!
!
map-class dialer Dialer0
access-list 1 deny 192.168.1.15
access-list 1 permit any
access-list 105 permit ip 192.168.1.0 0.0.0.255 any
access-list 105 deny ip 192.168.1.0 0.0.0.255 192.168.11.0 0.0.0.255
access-list 105 deny ip 192.168.99.0 0.0.0.255 192.168.11.0 0.0.0.255
access-list 105 permit ip 192.168.99.0 0.0.0.255 any
access-list 105 deny ip host 192.168.1.7 any
!
route-map NONAT permit 10
match ip address 105
!
!
!
tftp-server flash:OS79XX.TXT
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 15 0
password XXX
login
transport preferred none
transport input telnet
!
no scheduler allocate
end
