Vpn si connette ma non riesco a entrare sulla rete

Virtual private networks e affini

Moderatore: Federico.Lagni

Rispondi
alessio_frizzi
n00b
Messaggi: 7
Iscritto il: gio 28 apr , 2011 3:25 pm

Ciao a tutti e grazie dell'ottimo servizio che da questo ottimo sito.
Ho un problema a cui non riesco a venire a capo, ho riconfigurato un router 877 su una ADSL 20mb con connessione punto-punto e 16 indirizzi pubblici, precedentemente era usato su una adsl 7mb con indirizzo statico ma con autenticazione e un solo indirizzo pubblico.
Nella configurazione precedente ho utilizzato l'interfaccia dialer 0 per l'accesso e la vpn funzionava correttamente, adesso nella nuova configurazione mi si connette regolarmente ma non riesco più ad accedere alla rete locale.
questa è la configurazione

!
! Last configuration change at 19:29:57 CET Thu Jan 23 2014 by innofondi
! NVRAM config last updated at 19:15:35 CET Thu Jan 23 2014 by innofondi
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname AgeSoffiano
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
enable secret 5 $1$K4v3$hVwC0KjjjjSQcEa.IZHUl1
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login fondiaria local
aaa authorization exec default local
aaa authorization network fondiaria local
!
!
aaa session-id common
clock timezone CET 1
clock summer-time CET recurring last Sun Mar 2:00 last Sun Oct 3:00
!
crypto pki trustpoint innocenti
enrollment selfsigned
subject-name CN=cn=IOS-Self-Signed-Certificate-1286547895
revocation-check none
rsakeypair innocenti
!
!
crypto pki certificate chain innocenti
certificate self-signed 01
3082022F 308201D9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
61313230 30060355 04031329 636E3D49 4F532D53 656C662D 5369676E 65642D43
65727469 66696361 74652D31 32383635 34373839 35312B30 2906092A 864886F7
0D010902 161C4167 65536F66 6669616E 6F2E616C 69636562 7573696E 6573732E
6974301E 170D3131 30343230 31303430 33325A17 0D323030 31303130 30303030
305A3061 31323030 06035504 03132963 6E3D494F 532D5365 6C662D53 69676E65
642D4365 72746966 69636174 652D3132 38363534 37383935 312B3029 06092A86
4886F70D 01090216 1C416765 536F6666 69616E6F 2E616C69 63656275 73696E65
73732E69 74305C30 0D06092A 864886F7 0D010101 0500034B 00304802 4100BBBC
17AB6222 EAC5894C C3B249A3 766341D4 25F4B80B B7FA8E42 8B1C0DC7 758DAE92
A4F3BDE6 680E4DA7 3FCD909A 4DB92F46 B0554FB7 A733BB8B 70C1A904 38E90203
010001A3 7C307A30 0F060355 1D130101 FF040530 030101FF 30270603 551D1104
20301E82 1C416765 536F6666 69616E6F 2E616C69 63656275 73696E65 73732E69
74301F06 03551D23 04183016 80146A1E E2912AE8 86778ADC 7B9F6CE3 A6F44D2E
D84B301D 0603551D 0E041604 146A1EE2 912AE886 778ADC7B 9F6CE3A6 F44D2ED8
4B300D06 092A8648 86F70D01 01040500 03410089 336DAD89 CA7BE32E C8C01650
D4A2CE4F C8A33272 0352AB90 BBD8C314 B6681CED 34E1C153 1EB59802 F83B923A
371232DA ED165794 FD83AD33 1C407B31 5009A7
quit
dot11 syslog
ip source-route
!
!
ip cef
ip domain name alicebusiness.it
ip name-server 151.99.125.1
ip name-server 151.99.125.2
!
!
!
!
username innofondi privilege 15 password 7 06370B255F1D5F4B2D0E
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group vpn
key xxxxxxxx
dns 10.51.121.193 10.51.121.245
pool fondiariapool
acl 101
max-logins 1
netmask 255.255.255.192
!
!
crypto ipsec transform-set esp-3des-sha esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-md5-hmac
!
crypto dynamic-map fondiariamap 1
set transform-set esp-3des-sha
reverse-route
!
!
crypto map cfondiariamap local-address Loopback2
crypto map cfondiariamap client authentication list fondiaria
crypto map cfondiariamap isakmp authorization list fondiaria
crypto map cfondiariamap client configuration address respond
crypto map cfondiariamap 65535 ipsec-isakmp dynamic fondiariamap
!
archive
log config
hidekeys
!
!
!
!
!
interface Loopback0
ip address 195.120.214.241 255.255.255.255
!
interface Loopback1
ip address 195.120.214.242 255.255.255.255
!
interface Loopback2
ip address 195.120.214.243 255.255.255.255
!
interface Tunnel0
ip unnumbered Loopback0
keepalive 10 3
tunnel source Loopback0
tunnel destination 95.242.189.204
tunnel mode ipip
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
ip address 194.243.173.178 255.255.255.252
ip nat outside
ip virtual-reassembly
pvc 8/35
encapsulation aal5snap
!
crypto map cfondiariamap
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 10.51.121.196 255.255.255.192
ip nat inside
ip virtual-reassembly
!
ip local pool fondiariapool 10.51.121.253
no ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip route 10.30.0.0 255.255.0.0 10.51.121.194
ip route 10.50.0.0 255.255.0.0 10.51.121.194
ip route 10.55.121.192 255.255.255.240 Tunnel0
ip route 10.60.0.0 255.255.0.0 10.51.121.194
ip route 10.128.0.0 255.128.0.0 10.51.121.194
ip http server
ip http secure-server
!
ip nat pool pubblico 195.120.214.242 195.120.214.242 netmask 255.255.255.240
ip nat inside source static tcp 10.51.121.200 10099 interface Loopback0 10099
ip nat inside source static tcp 10.51.121.200 3478 interface Loopback0 3478
ip nat inside source static udp 10.51.121.200 3478 interface Loopback0 3478
ip nat inside source static udp 10.51.121.200 8003 interface Loopback0 8003
ip nat inside source static udp 10.51.121.200 8002 interface Loopback0 8002
ip nat inside source static udp 10.51.121.200 8001 interface Loopback0 8001
ip nat inside source static udp 10.51.121.200 8000 interface Loopback0 8000
ip nat inside source static tcp 10.51.121.200 443 interface Loopback0 443
ip nat inside source list 1 pool pubblico overload
ip nat inside source static udp 10.51.121.200 5060 interface Loopback0 5060
ip nat inside source static tcp 10.51.121.200 5060 interface Loopback0 5060
ip nat inside source list 111 interface Loopback2 overload
!
access-list 1 remark access-list per NAT
access-list 1 permit 10.51.121.192 0.0.0.63
access-list 101 permit ip 10.51.121.192 0.0.0.63 host 10.51.121.253
access-list 111 deny ip 10.51.121.192 0.0.0.63 host 10.51.121.253
access-list 111 permit ip 10.51.121.192 0.0.0.63 any
no cdp run

!
!
!
!
control-plane
!
!
line con 0
password 7 112035244640580F0B24382B2436
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password 7 132C3B335A5E573E2E28263621
transport input telnet ssh
!
scheduler max-task-time 5000
ntp server 193.204.114.232
end

C'è qualcuno che riesce ad aiutarmi?
Grazie in anticipo.
Ciao a tutti.
paolomat75
Messianic Network master
Messaggi: 2965
Iscritto il: ven 29 gen , 2010 10:25 am
Località: Prov di GE

Hai risolto? Ti vengono assegnati correttamente IP, ecc?

Paolo
Non cade foglia che l'inconscio non voglia (S.B.)
Rispondi