Semplice configurazione PPTP

Virtual private networks e affini

Moderatore: Federico.Lagni

Rispondi
francesco_savona
Cisco enlightened user
Messaggi: 129
Iscritto il: mer 01 apr , 2009 9:58 am

Visto che c'è molta confusione questa è una semplice configurazione (molto semplice) per far funzionare un bel collegamento remoto...io lo utilizzo per far girare alcune sessioni as400:

service timestamps log uptime
service password-encryption
!
hostname """"""""""""""""""""""""
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$lBkG$pr8zr7wVjr18//LNMFlQa1
!
username ********* secret 5 *********
username ********* password 7 *********
vpdn enable
no vpdn ip udp ignore checksum
!
vpdn-group RRAS
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
ip subnet-zero
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool CLIENT
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
lease 0 2
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp RRAS local
aaa authorization network default if-authenticated
aaa session-id common
!
!
!
!
!
!
!
interface Loopback0
ip address x.x.x.x 255.255.255.248
!
interface Ethernet0
ip address 192.168.0.254 255.255.255.0
ip nat inside
ip policy route-map ras
hold-queue 100 out
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
ip address y.y.y.y 255.255.255.252
ip nat outside
pvc 8/35
encapsulation aal5snap
!
!
interface Virtual-Template1
ip unnumbered Ethernet0
ip mtu 1492
ip route-cache flow
peer default ip address pool vpn_pool
no keepalive
ppp authentication ms-chap ms-chap-v2
!
ip local pool vpn_pool 192.168.3.100
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
no ip http server
no ip http secure-server
!
ip nat translation timeout 600
ip nat translation tcp-timeout 300
ip nat pool nat_pool_2 x.x.x.x x.x.x.x netmask 255.255.255.248
ip nat inside source list 115 pool nat_pool_2 overload

access-list 115 deny ip 192.168.0.0 0.0.0.255 host 192.168.3.100
access-list 115 permit ip 192.168.0.0 0.0.0.255 any
route-map ras permit 10
match ip address 115
set default interface ATM0.1
!
!
control-plane
!
!
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
line vty 0 4
exec-timeout 120 0
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
end
-------------------------------------------------------
SAVONA FRANCESCO
CCNA
-------------------------------------------------------
Top
Rispondi

Torna a “VPN”