Today is not my day, I need a little help

Virtual private networks and related topics

Moderator: Federico.Lagni

valerio1976
Network Emperor
Posts: 263
Joined: Fri 05 Mar, 2010 9:05 am

Hi, after struggling quite a bit to configure an Alice multigroup
I have a small problem...

I'm trying to bring up a VPN ... but I can't figure out where the error is

if I run show crypto isakmp sa it doesn't show me anything :(((

Can you help me please, thanks


Current configuration : 4481 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname test
!
boot-start-marker
boot-end-marker
!
logging exception 100000
logging count
logging queue-limit 10000
logging buffered 150000 notifications
logging console critical
enable password 7 154658590779297029616C233306
!
no aaa new-model
memory-size iomem 15
no ip source-route
ip cef table event-log
ip cef
!
!
!
!
ip name-server 151.99.125.1
ip name-server 151.99.0.100
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
!
class-map match-any ADULT-URL
match protocol http url "*porn"
match protocol http url "porn*"
match protocol http url ".*xxx*."
match protocol http url ".xxx*."
match protocol http url ".*xxx."
match protocol http url "*facebook*"
match protocol http url "*youtube*"
match protocol http host "*youtube.com*|*video.google.com*"
match protocol http mime "video/flv|video/x-flv|video/mp4|video/x-m4v|audio/mp4"
match protocol http mime "video/3gpp|video/quicktime"
match protocol http url "*.flv|*.mp4|*.m4v|*.m4a|*.3gp|*.mov"
match protocol http host "*facebook*"
match protocol http host "*porn*"
match protocol http host "*youtube*"
match protocol http host "*megavideo*"
!
!
policy-map FILTER-ADULT
class ADULT-URL
drop
!
!
!
crypto isakmp policy 20
encr 3des
authentication pre-share
group 2
crypto isakmp key db875f3d33123456 address 89.97.xxx.xxx
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!
crypto map mymap 10 ipsec-isakmp
set peer 89.97.xxx.xxx
set security-association lifetime kilobytes 86400
set security-association lifetime seconds 28800
set transform-set myset
match address 101
!
!
!
interface FastEthernet0/0
description *** LAN Inside ***
ip address 192.168.11.1 255.255.255.0 secondary
ip address 85.47.x.x 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip accounting access-violations
ip nbar protocol-discovery
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
duplex auto
speed auto
no keepalive
service-policy input FILTER-ADULT
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
atm restart timer 300
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0/0.1 point-to-point
description *** Point-to-Point Telecom ***
ip unnumbered FastEthernet0/0
ip nat outside
ip virtual-reassembly
crypto map mymap
pvc 8/35
encapsulation aal5snap
!
!
interface Dialer0
no ip address
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
!
!
no ip http server
ip http authentication local
no ip http secure-server
ip nat inside source list 102 interface FastEthernet0/0 overload
!
logging history notifications
access-list 101 remark ***********************************************
access-list 101 remark ** NAT Traveseral **
access-list 101 permit ip 192.168.11.0 0.0.0.255 192.168.4.0 0.0.3.255
access-list 102 deny ip 192.168.11.0 0.0.0.255 192.168.4.0 0.0.3.255
access-list 102 permit ip 192.168.11.0 0.0.0.255 any
access-list 102 deny ip host 0.0.0.0 any log
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 deny ip 224.0.0.0 31.255.255.255 any
access-list 102 deny ip 10.0.0.0 0.255.255.255 any
access-list 102 deny ip 172.16.0.0 0.15.255.255 any
access-list 102 permit ip 192.168.4.0 0.0.0.255 any
access-list 102 deny ip 192.0.0.0 0.0.0.255 any
access-list 150 permit ip any any dscp 5
access-list 150 deny ip any any
no cdp run
!
route-map DENY-ADULT permit 10
match ip address 150
set interface Null0
!
!
!
control-plane
!
!
banner motd ^CCC
****************************************************************
----------------------------------------------------------------
* *** ROUTER PERIMETRALE Sardegna *** *
----------------------------------------------------------------
* WARNING: System is RESTRICTED to authorized personnel ONLY! *
* Unauthorized use of this system will be logged and *
* prosecuted to the fullest extent of the law. *
* *
* If you are NOT authorized to use this system, LOG OFF NOW! *
* *
****************************************************************^C
!
line con 0
login
line aux 0
line vty 0 5
!
scheduler allocate 20000 1000
end