forum.opennet.ru

Составление сообщения

Исходное сообщение

"Перенос конфига для 881"
Отправлено borr741, 25-Янв-17 09:00

Вбил конфиг вручную все сразу завелось pppoe поднялось. Правда я учел замечания ShyLion. Но возникла другая проблема не могу подключиться по VPN'у винды. Юзер для подключения delo винда отвечает 691 ошибкой
Вот sh run

version 15.5
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
no service dhcp
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 [key]
!
aaa new-model
!
!
!
!
!
!
!
aaa session-id common
ethernet lmi ce
memory-size iomem 10
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
vpdn enable
!
vpdn-group VPN
! Default PPTP VPDN group
accept-dialin
  protocol pptp
  virtual-template 1
!
!
crypto pki trustpoint TP-self-signed-1343252281
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1343252281
revocation-check none
rsakeypair TP-self-signed-1343252281
!
!
username admin privilege 15 password 7 [pas]
username delo privilege 0 password 7 [pas]
!
!
!
!
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet1
switchport access vlan 2
no ip address
no cdp enable
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
no ip address
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
no cdp enable
!
interface Virtual-Template1
ip unnumbered Vlan1
peer default ip address pool VPN
no keepalive
ppp authentication pap chap ms-chap ms-chap-v2
!
interface Vlan1
ip address 192.168.137.1 255.255.255.0
ip nat inside
no ip virtual-reassembly in
!
interface Vlan2
ip address 192.169.237.2 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface Dialer1
ip address negotiated
ip mtu 1452
ip nat outside
no ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer enable-timeout 1
dialer wait-for-line-protocol 5
dialer wait-for-carrier-time 5
dialer-group 1
ppp authentication chap callin
ppp chap password 7 [pas]
ppp chap refuse
ppp pap sent-username [login] password 7 [pas]
ppp ipcp route default
no cdp enable
!
ip local pool vpn 192.168.137.220 192.168.137.250
ip forward-protocol nd
ip http server
ip http secure-server
!
ip nat inside source list 100 interface Dialer1 overload
ip nat inside source list 101 interface Vlan2 overload
ip nat inside source static tcp 192.168.137.137 999 interface Dialer1 999
ip nat inside source static tcp 192.168.137.137 3389 interface Dialer1 3389
ip nat inside source static tcp 192.168.137.137 8888 interface Dialer1 8888
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 172.21.102.0 255.255.255.0 192.169.237.1
ip route 172.30.181.0 255.255.255.0 192.169.237.1
ip route 192.168.14.0 255.255.255.0 192.169.237.1
ip route 192.168.200.0 255.255.255.0 192.169.237.1
ip ssh version 1
!
dialer-list 1 protocol ip permit
!
access-list 100 deny   ip 192.168.137.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 100 deny   ip 192.168.200.0 0.0.0.255 192.169.237.0 0.0.0.255
access-list 100 deny   ip 192.168.137.0 0.0.0.255 172.21.102.0 0.0.0.255
access-list 100 deny   ip 192.168.137.0 0.0.0.255 172.30.181.0 0.0.0.255
access-list 100 deny   ip 192.168.137.0 0.0.0.255 192.168.14.0 0.0.0.255
access-list 100 deny   ip 192.168.14.0 0.0.0.255 192.169.237.0 0.0.0.255
access-list 100 permit ip 192.168.137.0 0.0.0.255 any
access-list 101 permit ip 192.168.137.0 0.0.0.255 any
!
!
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
transport input ssh
!
scheduler allocate 20000 1000
!
end

Исходное сообщение
"Перенос конфига для 881" Отправлено borr741, 25-Янв-17 09:00
Вбил конфиг вручную все сразу завелось pppoe поднялось. Правда я учел замечания ShyLion. Но возникла другая проблема не могу подключиться по VPN'у винды. Юзер для подключения delo винда отвечает 691 ошибкой Вот sh run version 15.5 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption no service dhcp ! hostname Router ! boot-start-marker boot-end-marker ! ! enable secret 5 [key] ! aaa new-model ! ! ! ! ! ! ! aaa session-id common ethernet lmi ce memory-size iomem 10 ! ! ! ! ! ! ! ! ! ! ! ip cef no ipv6 cef ! ! vpdn enable ! vpdn-group VPN ! Default PPTP VPDN group accept-dialin protocol pptp virtual-template 1 ! ! crypto pki trustpoint TP-self-signed-1343252281 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-1343252281 revocation-check none rsakeypair TP-self-signed-1343252281 ! ! username admin privilege 15 password 7 [pas] username delo privilege 0 password 7 [pas] ! ! ! ! ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 switchport access vlan 2 no ip address no cdp enable ! interface FastEthernet2 no ip address ! interface FastEthernet3 no ip address ! interface FastEthernet4 no ip address duplex auto speed auto pppoe enable group global pppoe-client dial-pool-number 1 no cdp enable ! interface Virtual-Template1 ip unnumbered Vlan1 peer default ip address pool VPN no keepalive ppp authentication pap chap ms-chap ms-chap-v2 ! interface Vlan1 ip address 192.168.137.1 255.255.255.0 ip nat inside no ip virtual-reassembly in ! interface Vlan2 ip address 192.169.237.2 255.255.255.0 ip nat outside ip virtual-reassembly in ! interface Dialer1 ip address negotiated ip mtu 1452 ip nat outside no ip virtual-reassembly in encapsulation ppp dialer pool 1 dialer enable-timeout 1 dialer wait-for-line-protocol 5 dialer wait-for-carrier-time 5 dialer-group 1 ppp authentication chap callin ppp chap password 7 [pas] ppp chap refuse ppp pap sent-username [login] password 7 [pas] ppp ipcp route default no cdp enable ! ip local pool vpn 192.168.137.220 192.168.137.250 ip forward-protocol nd ip http server ip http secure-server ! ip nat inside source list 100 interface Dialer1 overload ip nat inside source list 101 interface Vlan2 overload ip nat inside source static tcp 192.168.137.137 999 interface Dialer1 999 ip nat inside source static tcp 192.168.137.137 3389 interface Dialer1 3389 ip nat inside source static tcp 192.168.137.137 8888 interface Dialer1 8888 ip route 0.0.0.0 0.0.0.0 Dialer1 ip route 172.21.102.0 255.255.255.0 192.169.237.1 ip route 172.30.181.0 255.255.255.0 192.169.237.1 ip route 192.168.14.0 255.255.255.0 192.169.237.1 ip route 192.168.200.0 255.255.255.0 192.169.237.1 ip ssh version 1 ! dialer-list 1 protocol ip permit ! access-list 100 deny ip 192.168.137.0 0.0.0.255 192.168.200.0 0.0.0.255 access-list 100 deny ip 192.168.200.0 0.0.0.255 192.169.237.0 0.0.0.255 access-list 100 deny ip 192.168.137.0 0.0.0.255 172.21.102.0 0.0.0.255 access-list 100 deny ip 192.168.137.0 0.0.0.255 172.30.181.0 0.0.0.255 access-list 100 deny ip 192.168.137.0 0.0.0.255 192.168.14.0 0.0.0.255 access-list 100 deny ip 192.168.14.0 0.0.0.255 192.169.237.0 0.0.0.255 access-list 100 permit ip 192.168.137.0 0.0.0.255 any access-list 101 permit ip 192.168.137.0 0.0.0.255 any ! ! ! ! ! line con 0 no modem enable line aux 0 line vty 0 4 transport input ssh ! scheduler allocate 20000 1000 ! end

Ваше сообщение

Имя*:

EMail:

Для отправки новых сообщений в текущей нити на email укажите знак ! перед адресом, например, !user@host.ru (!! - не показывать email).
Более тонкая настройка отправки ответов производится в профиле зарегистрированного участника форума.

Заголовок*:

Сообщение*:

> Вбил конфиг вручную все сразу завелось pppoe поднялось. Правда я учел замечания 
> ShyLion. Но возникла другая проблема не могу подключиться по VPN'у винды. 
> Юзер для подключения delo винда отвечает 691 ошибкой 
> Вот sh run 
> [code] 
> version 15.5 
> no service pad 
> service timestamps debug datetime msec 
> service timestamps log datetime msec 
> service password-encryption 
> no service dhcp 
> !
> hostname Router 
> !
> boot-start-marker 
> boot-end-marker 
> !
> !
> enable secret 5 [key] 
> !
> aaa new-model 
> !
> !
> !
> !
> !
> !
> !
> aaa session-id common 
> ethernet lmi ce 
> memory-size iomem 10 
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> !
> ip cef 
> no ipv6 cef 
> !
> !
> vpdn enable 
> !
> vpdn-group VPN 
>  ! Default PPTP VPDN group 
>  accept-dialin 
>   protocol pptp 
>   virtual-template 1 
> !
> !
> crypto pki trustpoint TP-self-signed-1343252281 
>  enrollment selfsigned 
>  subject-name cn=IOS-Self-Signed-Certificate-1343252281 
>  revocation-check none 
>  rsakeypair TP-self-signed-1343252281 
> !
> !
> username admin privilege 15 password 7 [pas] 
> username delo privilege 0 password 7 [pas] 
> !
> !
> !
> !
> !
> !
> interface FastEthernet0 
>  no ip address 
> !
> interface FastEthernet1 
>  switchport access vlan 2 
>  no ip address 
>  no cdp enable 
> !
> interface FastEthernet2 
>  no ip address 
> !
> interface FastEthernet3 
>  no ip address 
> !
> interface FastEthernet4 
>  no ip address 
>  duplex auto 
>  speed auto 
>  pppoe enable group global 
>  pppoe-client dial-pool-number 1 
>  no cdp enable 
> !
> interface Virtual-Template1 
>  ip unnumbered Vlan1 
>  peer default ip address pool VPN 
>  no keepalive 
>  ppp authentication pap chap ms-chap ms-chap-v2 
> !
> interface Vlan1 
>  ip address 192.168.137.1 255.255.255.0 
>  ip nat inside 
>  no ip virtual-reassembly in 
> !
> interface Vlan2 
>  ip address 192.169.237.2 255.255.255.0 
>  ip nat outside 
>  ip virtual-reassembly in 
> !
> interface Dialer1 
>  ip address negotiated 
>  ip mtu 1452 
>  ip nat outside 
>  no ip virtual-reassembly in 
>  encapsulation ppp 
>  dialer pool 1 
>  dialer enable-timeout 1 
>  dialer wait-for-line-protocol 5 
>  dialer wait-for-carrier-time 5 
>  dialer-group 1 
>  ppp authentication chap callin 
>  ppp chap password 7 [pas] 
>  ppp chap refuse 
>  ppp pap sent-username [login] password 7 [pas] 
>  ppp ipcp route default 
>  no cdp enable 
> !
> ip local pool vpn 192.168.137.220 192.168.137.250 
> ip forward-protocol nd 
> ip http server 
> ip http secure-server 
> !
> ip nat inside source list 100 interface Dialer1 overload 
> ip nat inside source list 101 interface Vlan2 overload 
> ip nat inside source static tcp 192.168.137.137 999 interface Dialer1 999 
> ip nat inside source static tcp 192.168.137.137 3389 interface Dialer1 3389 
> ip nat inside source static tcp 192.168.137.137 8888 interface Dialer1 8888 
> ip route 0.0.0.0 0.0.0.0 Dialer1 
> ip route 172.21.102.0 255.255.255.0 192.169.237.1 
> ip route 172.30.181.0 255.255.255.0 192.169.237.1 
> ip route 192.168.14.0 255.255.255.0 192.169.237.1 
> ip route 192.168.200.0 255.255.255.0 192.169.237.1 
> ip ssh version 1 
> !
> dialer-list 1 protocol ip permit 
> !
> access-list 100 deny   ip 192.168.137.0 0.0.0.255 192.168.200.0 0.0.0.255 
> access-list 100 deny   ip 192.168.200.0 0.0.0.255 192.169.237.0 0.0.0.255 
> access-list 100 deny   ip 192.168.137.0 0.0.0.255 172.21.102.0 0.0.0.255 
> access-list 100 deny   ip 192.168.137.0 0.0.0.255 172.30.181.0 0.0.0.255 
> access-list 100 deny   ip 192.168.137.0 0.0.0.255 192.168.14.0 0.0.0.255 
> access-list 100 deny   ip 192.168.14.0 0.0.0.255 192.169.237.0 0.0.0.255 
> access-list 100 permit ip 192.168.137.0 0.0.0.255 any 
> access-list 101 permit ip 192.168.137.0 0.0.0.255 any 
> !
> !
> !
> !
> !
> line con 0 
>  no modem enable 
> line aux 0 
> line vty 0 4 
>  transport input ssh 
> !
> scheduler allocate 20000 1000 
> !
> end

> [/code]

При общении не допускается: неуважительное отношение к собеседнику, хамство, унизительное обращение, ненормативная лексика, переход на личности, агрессивное поведение, обесценивание собеседника, провоцирование флейма голословными и заведомо ложными заявлениями. Не отвечайте на сообщения, явно нарушающие правила - удаляются не только сами нарушения, но и все ответы на них. Лог модерирования.

Партнёры:

Хостинг:

Закладки на сайте
Проследить за страницей

Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру