The OpenNET Project / Index page

[  /+++ | | wiki | | ]

          /    RSS
"Site-to-Site VPN Cisco 2801"
 
. | .  
CISCO . . (VPN, VLAN, )
[ ]

"Site-to-Site VPN Cisco 2801"  +/
Yura email(??) on 05--09, 08:41 
Cisco 2801:
Cisco IOS Software, 2801 Software (C2801-ADVSECURITYK9-M), Version 12.4(22)T, RELEASE SOFTWARE (fc1)
SDM -- .
3 , .
, .

VPN#sh run
Building configuration...

Current configuration : 15054 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname VPN
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging buffered
enable secret 5 $1$4zmw$dQHTzdOI2H7JqJ8Z52H041
enable password 7 052A010E3347413F485C4F46
!
aaa new-model
!
!
aaa authentication login local_authen local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization exec local_author local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
!
!
aaa session-id common
dot11 syslog
ip source-route
!
!

multilink bundle-name authenticated
!

!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 2
encr 3des
authentication pre-share
group 2
lifetime 60
!
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
lifetime 28800
crypto isakmp key address 85...21
crypto isakmp key address 131...40
crypto isakmp key address 195...101
!
!
crypto ipsec transform-set VPN1 esp-3des esp-sha-hmac
crypto ipsec transform-set VPN2 esp-3des esp-sha-hmac
crypto ipsec transform-set VPN3 esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Beeline
set peer 85.x.x.21
set security-association lifetime kilobytes 28800
set security-association lifetime seconds 28800
set transform-set VPN1
set pfs group2
match address 100
crypto map SDM_CMAP_1 2 ipsec-isakmp
description VPN2
set peer 131.x.x.40
set transform-set VPN2
match address VPN2
crypto map SDM_CMAP_1 3 ipsec-isakmp
description VPN3
set peer 195.x.x.101
set security-association lifetime kilobytes 28800
set security-association lifetime seconds 28800
set transform-set VPN3
set pfs group2
match address VPN3
!
!
!
!
class-map type inspect match-all sdm-cls-VPNOutsideToInside-1
class-map type inspect match-all sdm-cls-VPNOutsideToInside-3
class-map type inspect match-all sdm-cls-VPNOutsideToInside-2
class-map type inspect match-all sdm-cls-VPNOutsideToInside-4
class-map type inspect match-any SDM_AH
match access-group name SDM_AH
class-map type inspect match-any me-me_lan
match protocol tcp
match protocol udp
match protocol icmp
class-map type inspect match-all SDM_RIP_PT
match protocol router
class-map type inspect match-any all2
match protocol tcp
match protocol icmp
match protocol smtp
class-map type inspect match-all sdm-cls--3
match class-map all2
match access-group name all2
class-map type inspect match-any all
match protocol icmp
match protocol smtp
match protocol tcp
class-map type inspect match-all sdm-cls--2
match class-map all
match access-group name all
class-map type inspect match-all sdm-cls--1
match class-map me-me_lan
match access-group name me-me
class-map type inspect match-any mach3
match protocol tcp
match protocol udp
match protocol icmp
class-map type inspect match-any MACH2
match protocol udp
match protocol icmp
match protocol tcp
class-map type inspect match-any SDM_ESP
match access-group name SDM_ESP
class-map type inspect match-all sdm-cls-sdm-permit-1
match access-group name vpn
class-map type inspect match-all sdm-cls-sdm-policy-sdm-cls--3-1
match class-map mach3
match access-group name mach3
class-map type inspect match-all sdm-cls-sdm-policy-sdm-cls--2-1
match class-map MACH2
match access-group name MACH2
!
!
policy-map type inspect sdm-policy-sdm-cls--3
class type inspect sdm-cls-sdm-policy-sdm-cls--3-1
  inspect
class type inspect sdm-cls--3
  inspect
class class-default
  drop
policy-map type inspect sdm-policy-sdm-cls--2
class type inspect sdm-cls-sdm-policy-sdm-cls--2-1
  inspect
class type inspect sdm-cls--2
  inspect
class type inspect sdm-cls-VPNOutsideToInside-1
  inspect
class type inspect sdm-cls-VPNOutsideToInside-2
  inspect
class type inspect sdm-cls-VPNOutsideToInside-3
  inspect
class type inspect sdm-cls-VPNOutsideToInside-4
  inspect
class class-default
  drop
!
zone security LAN
zone security WAN
zone-pair security sdm-zp-WAN-LAN source WAN destination LAN
service-policy type inspect sdm-policy-sdm-cls--2
zone-pair security sdm-zp-LAN-WAN source LAN destination WAN
service-policy type inspect sdm-policy-sdm-cls--3
!
!
!
interface FastEthernet0/0
description $ETH-WAN$$FW_OUTSIDE$
ip address 193.x.x.27 255.255.255.224
ip nat outside
ip virtual-reassembly
zone-member security WAN
duplex auto
speed auto
crypto map SDM_CMAP_1
crypto ipsec df-bit clear
!        
interface FastEthernet0/1
description BILLING_LAN$ETH-LAN$$FW_INSIDE$
ip address 129...70 255.255.0.0
ip nat inside
ip virtual-reassembly
zone-member security LAN
duplex auto
speed auto
!
interface FastEthernet0/3/0
!
interface FastEthernet0/3/1
!
interface FastEthernet0/3/2
!
interface FastEthernet0/3/3
!
interface Vlan1
no ip address
!

ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 193.x.x.1 permanent
ip route 85.x.x.0 255.255.255.0 85.x.x.21 permanent
ip route 131.x.x.0 255.255.255.0 131.x.x.40 permanent
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/0 overload
!
ip access-list standard NAT
remark NAT
remark SDM_ACL Category=2
permit any
!
ip access-list extended Beeline
remark Beeline
remark SDM_ACL Category=4
permit tcp any any
permit tcp any 0.0.0.0 255.255.0.0
permit tcp host 129.9.0.50 host 85.9.128.21
permit tcp host 129.9.0.50 eq smtp host 85.9.129.241 eq smtp
ip access-list extended HUAWEI
remark HUAWEI
remark SDM_ACL Category=4
permit tcp any 128.8.110.0 1.1.1.0
deny   tcp any any
ip access-list extended MACH
remark ACL for MACH
remark SDM_ACL Category=4
permit tcp any any
permit tcp host 131.x.x.55 host 129.x.x.38
permit tcp host 131.x.x.56 host 129.x.x.39
permit tcp host 129.x.x.38 host 131.x.x.55
permit tcp host 129.x.x.39 host 131.x.x.56
deny   tcp any any
ip access-list extended MACH2
remark SDM_ACL Category=128
permit ip any any
ip access-list extended SDM_AH
remark SDM_ACL Category=1
permit ahp any any
ip access-list extended SDM_ESP
remark SDM_ACL Category=1
permit esp any any
ip access-list extended all
remark SDM_ACL Category=128
permit ip any 129.x.0.0 0.0.255.255
ip access-list extended all2
remark SDM_ACL Category=128
permit ip 129.x.0.0 0.0.255.255 any
ip access-list extended any_tome
remark SDM_ACL Category=128
permit ip any any
ip access-list extended mach3
remark SDM_ACL Category=128
permit ip any any
ip access-list extended me-me
remark SDM_ACL Category=128
permit ip any any
ip access-list extended smtp_lan
remark SDM_ACL Category=128
permit ip 85.x.0.0 0.0.255.255 129.x.0.0 0.0.255.255
ip access-list extended vpn
remark SDM_ACL Category=128
permit ip host 85.x.x.21 host 129.x.0.50
!
permit any any
!
!
!
route-map SDM_RMAP_1 permit 1
match ip address 105
!
route-map nonat permit 10
match ip address 130
!
!
!
control-plane
!
!
line con 0
password 7 106F0E18171C1D3D5D5D727F
line aux 0
line vty 0 4
access-class 106 in
password 7 11281E040519043A55737370
authorization exec local_author
login authentication local_authen
transport input telnet ssh
!
scheduler allocate 20000 1000
end


| | C


[ | RSS]


1. "Site-to-Site VPN Cisco 2801"  +/
SUY (ok) on 05--09, 18:01 

>

1. sdm ... , .

2. crypto map. B , . acl 100, VPN2, VPN3?


| | ^ #0 | | C

2. "Site-to-Site VPN Cisco 2801"  +/
merko (??) on 06--09, 04:10 
, .
SDM ...


| | ^ #1 | | C

3. "Site-to-Site VPN Cisco 2801"  +/
merko (??) on 06--09, 04:11 
> , .
>SDM ...

!

| | ^ #2 | | C

4. "Site-to-Site VPN Cisco 2801"  +/
Yura email(??) on 10--09, 08:09 
>
>>
>
>1. sdm ... , .
>
>
>2. crypto map. B
> , . acl 100, VPN2, VPN3?

.. : permit tcp any any


| | ^ #1 | | C

5. "Site-to-Site VPN Cisco 2801"  +/
SUY (ok) on 10--09, 09:51 
>[ ]
>>>
>>
>>1. sdm ... , .
>>
>>
>>2. crypto map. B
>> , . acl 100, VPN2, VPN3?
>
> .. : permit
>tcp any any

?

| | ^ #4 | | C

6. "Site-to-Site VPN Cisco 2801"  +/
SUY (ok) on 10--09, 09:57 
>[ ]
>>>
>>
>>1. sdm ... , .
>>
>>
>>2. crypto map. B
>> , . acl 100, VPN2, VPN3?
>
> .. : permit
>tcp any any

?

, acl - sh ip acl xxxx

sho cry isa sa sh cry ipsec sa

| | ^ #4 | | C

7. "Site-to-Site VPN Cisco 2801 RE (VPN-S"  +/
OMEPTA on 26--12, 15:19 
</a>
    
    

</h2>
</div>
<!-- begin wrapper divs -->
<div id="mainwrapper">
<div id="wrapper">
</div>

<!-- page content -->
<div id="container">
<div class="content">
<div class="contenttitle">
<h2>02/11: (VPN-SERVICE).</h2>
</div>
<div class="contentitem">
<div class="contentitem1">
<small class="contentitemcategory">
: <a title="Category: " href="index.php?catid=3"></a>
</small>
</div>
<div class="contentitem2">
<small class="contentitempostedby">
: <a title="Author: ABTOP" href="index.php?memberid=1">ABTOP</a>
</small>
</div>
<div class="contentitem4">
<small class="contentitemedit">
<a onclick="if (event && event.preventDefault) event.preventDefault();winbm=window.open(this.href,'nucleusbm','scrollbars=yes,width=600,height=550,left=10,top=10,status=yes,resizable=yes');winbm.focus();return false;" title="Make changes to your entry" href="http://omepta.cc/nucleus/bookmarklet.php?action=edit&itemid=... item</a>
</small>
</div>
</div>
<div class="contentbody">
<img src="OMEPTA.jpeg"/><br/>
<br/>
25 .<br/><br/>
<a name="more"/>US   - UNITED STATES <img src="http://omepta.cc/PuCyHKu/us.png"/> 11/55/99 EUR,<br/>
UK   - GREAT BRITAIN <img src="http://omepta.cc/PuCyHKu/gb.png"/> 11/55/99 EUR,<br/>
DE   - GERMANY <img src="http://omepta.cc/PuCyHKu/de.png"/> 11/55/99 EUR,<br/>
FR   - FRANCE <img src="http://omepta.cc/PuCyHKu/fr.png"/> 11/55/99 EUR,<br/>
CA   - CANADA <img src="http://omepta.cc/PuCyHKu/ca.png"/> 11/55/99 EUR,<br/>
NL   - NETHERLANDS <img src="http://omepta.cc/PuCyHKu/nl.png"/> 11/55/99 EUR,<br/>
FI   - FINLAND <img src="http://omepta.cc/PuCyHKu/fi.png"/> 11/55/99 EUR,<br/>
CZ   - CZECH REPUBLIC <img src="http://omepta.cc/PuCyHKu/cz.png"/> 11/55/99 EUR,<br/>
LU   - LUXEMBOURG <img src="http://omepta.cc/PuCyHKu/lu.png"/> 11/55/99 EUR,<br/>
IR   - IRELAND <img src="http://omepta.cc/PuCyHKu/ie.png"/> 11/55/99 EUR,<br/>
CH   - SWITZERLAND <img src="http://omepta.cc/PuCyHKu/ch.png"/> 11/55/99 EUR,<br/>
TR   - TURKEY <img src="http://omepta.cc/PuCyHKu/tr.png"/> 11/55/99 EUR,<br/>
ES   - SPAIN <img src="http://omepta.cc/PuCyHKu/es.png"/> 11/55/99 EUR,<br/>
IT   - ITALY <img src="http://omepta.cc/PuCyHKu/it.png"/> 11/55/99 EUR,<br/>
BE   - BELGIUM <img src="http://omepta.cc/PuCyHKu/be.png"/> 11/55/99 EUR,<br/>
PT   - PORTUGAL <img src="http://omepta.cc/PuCyHKu/pt.png"/> 11/55/99 EUR,<br/>
HK   - HONG KONG <img src="http://omepta.cc/PuCyHKu/hk.png"/> 11/55/99 EUR,<br/>
SG   - SINGAPORE <img src="http://omepta.cc/PuCyHKu/sg.png"/> 11/55/99 EUR,<br/>
SE   - SWEDEN <img src="http://omepta.cc/PuCyHKu/se.png"/> 11/55/99 EUR,<br/>
RO   - ROMANIA <img src="http://omepta.cc/PuCyHKu/ro.png"/> 11/55/99 EUR,<br/>
PL   - POLAND <img src="http://omepta.cc/PuCyHKu/pl.png"/> 11/55/99 EUR,<br/>
UA   - UKRAINE <img src="http://omepta.cc/PuCyHKu/ua.png"/> 11/55/99 EUR,<br/>
RU   - RUSSIA <img src="http://omepta.cc/PuCyHKu/ru.png"/> 11/55/99 EUR,<br/>
AU   - AUSTRALIA <img src="http://omepta.cc/PuCyHKu/au.png"/> 33/155/299 EUR,<br/>
NZ   - NEW ZEALAND <img src="http://omepta.cc/PuCyHKu/nz.png"/> 33/155/299 EUR,<br/>
<br/>
- //(MONTHLY/SEMI-ANNUALLY/ANNUALLY).<br/>
<br/>
: ( ), , .<br/>
<br/>
:<br/>
LIQPAY WEBMONEY MONEYBOOKERS ALERTPAY WIRE<br/>
<br/>
.<br/>
<br/>
.<br/>
<br/>
mail : batcoh@omepta.cc
</div>

| | ^ #6 | | C

|

FAQ | | | . | .




:
Inferno Solutions
Hosting by Hoster.ru
:


Created 1996-2021 by Maxim Chirkov
, ,