URL: https://www.opennet.ru/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 14586
[ Назад ]

Исходное сообщение
"Не работает туннель"
Отправлено Erik , 03-Окт-07 15:16

Конфигурация упрощена чтобы не захламлять форум.
Выглядит так:
[192.168.11.0/24]--[cisco1812]---[192.168.0.0/30]---[cisco3825]--[192.168.12.0/24]
Конфиги:
-------------------------------------
hostname c1812gw1
!
aaa new-model
!
ip cef
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
crypto isakmp key 12345 address 192.168.0.2
!
!
crypto ipsec transform-set RBK esp-3des esp-md5-hmac
!
crypto map TUNNEL0 1 ipsec-isakmp
set peer 192.168.0.2
set transform-set RBK
match address 199
!
!
!
!
interface Tunnel0
ip unnumbered FastEthernet0
tunnel source FastEthernet0
tunnel destination 192.168.0.2
tunnel checksum
crypto map TUNNEL0
!
interface FastEthernet0
ip address 192.168.0.1 255.255.255.252
duplex auto
speed auto
crypto map TUNNEL0
!
access-list 199 permit ip host 192.168.0.1 host 192.168.0.2
!
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
---------------------------------------
hostname c3825
!
no aaa new-model
!
ip cef
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
crypto isakmp key 12345 address 192.168.0.1
!
!
crypto ipsec transform-set RBK esp-3des esp-md5-hmac
!
crypto map TUNNEL0 1 ipsec-isakmp
set peer 192.168.0.1
set transform-set RBK
match address 199
!
!
!
!
interface Tunnel0
ip unnumbered GigabitEthernet0/0
tunnel source GigabitEthernet0/0
tunnel destination 192.168.0.1
tunnel checksum
crypto map TUNNEL0
!
interface GigabitEthernet0/0
ip address 192.168.0.2 255.255.255.252
duplex auto
speed auto
media-type rj45
crypto map TUNNEL0
!
access-list 199 permit ip host 192.168.0.2 host 192.168.0.1
!
!
!
end
---------------------------------
c1812gw1#sh int tun0
Tunnel0 is up, line protocol is up
  Hardware is Tunnel
  Interface is unnumbered. Using address of FastEthernet0 (192.168.0.1)
  MTU 1514 bytes, BW 9 Kbit, DLY 500000 usec,
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation TUNNEL, loopback not set
  Keepalive not set
  Tunnel source 192.168.0.1 (FastEthernet0), destination 192.168.0.2
  Tunnel protocol/transport IP/IP
  Tunnel TTL 255
  Fast tunneling enabled
  Tunnel transmit bandwidth 8000 (kbps)
  Tunnel receive bandwidth 8000 (kbps)

c1812gw1#sh crypto engine connection active
Crypto Engine Connections
   ID Interface  Type  Algorithm           Encrypt  Decrypt IP-Address
c1812gw1#

Содержание

Не работает туннель,Erik, 15:20 , 03-Окт-07

Сообщения в этом обсуждении

"Не работает туннель"
Отправлено Erik , 03-Окт-07 15:20

Извиняюсь. Вопрос закрыт. Всё работает