А подскажите ещё пожалуйста. Стал пробывать в dynamips настроить данную связку. Вот что выходит.Связка двух роутеров. На R1 - DVTI (центральный), на R2 - Static VTI (удалённый).
R1 fa0/1 (192.168.1.1) смотрит в R2 fa0/0 (192.168.1.2)
Стоит задача поднять динамический тунель. Он поднимается, но маршруты не прописываются.
R1#show run
...
hostname R1
...
crypto keyring WPSK
pre-shared-key address 0.0.0.0 0.0.0.0 key rvH0cnVLUGe8naVY
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp profile DVTI
keyring WPSK
match identity address 0.0.0.0
virtual-template 1
!
crypto ipsec transform-set TS esp-3des esp-sha-hmac
!
crypto ipsec profile VTI
set transform-set TS
!
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.1.1 255.255.255.0
duplex auto
speed auto
!
interface Virtual-Template1 type tunnel
ip unnumbered Loopback0
tunnel mode ipsec ipv4
tunnel protection ipsec profile VTI
!
----------------------------------------------------
R2#show run
...
hostname R2
...
crypto keyring WPSK
pre-shared-key address 0.0.0.0 0.0.0.0 key rvH0cnVLUGe8naVY
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
crypto ipsec transform-set TS esp-3des esp-sha-hmac
!
crypto ipsec profile VTI
set transform-set TS
!
interface Loopback0
no ip address
!
interface Tunnel0
ip address 10.10.10.2 255.255.255.0
tunnel source FastEthernet0/0
tunnel destination 192.168.1.1
tunnel mode ipsec ipv4
tunnel protection ipsec profile VTI
!
interface FastEthernet0/0
ip address 192.168.1.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
-----
Что показывает:
R1#show int sum
*: interface is up
IHQ: pkts in input hold queue IQD: pkts dropped from input queue
OHQ: pkts in output hold queue OQD: pkts dropped from output queue
RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec)
TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec)
TRTL: throttle count
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
------------------------------------------------------------------------
FastEthernet0/0 0 0 0 0 0 0 0 0 0
* FastEthernet0/1 0 0 0 0 0 0 0 0 0
Virtual-Access1 0 0 0 0 0 0 0 0 0
Virtual-Template1 0 0 0 0 0 0 0 0 0
* Virtual-Access2 0 0 0 0 0 0 0 0 0
* Loopback0 0 0 0 0 0 0 0 0 0
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 192.168.1.1 YES manual up up
Virtual-Access1 unassigned YES unset down down
Virtual-Template1 10.10.10.1 YES TFTP down down
Virtual-Access2 10.10.10.1 YES TFTP up up
Loopback0 10.10.10.1 YES manual up up
R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Loopback0
C 192.168.1.0/24 is directly connected, FastEthernet0/1
------
То есть хоть тунель и поднят, маршрута никакого на Virtual-Access2 для доступа к R2 нету...
------
R2#show int sum
*: interface is up
IHQ: pkts in input hold queue IQD: pkts dropped from input queue
OHQ: pkts in output hold queue OQD: pkts dropped from output queue
RXBS: rx rate (bits/sec) RXPS: rx rate (pkts/sec)
TXBS: tx rate (bits/sec) TXPS: tx rate (pkts/sec)
TRTL: throttle count
Interface IHQ IQD OHQ OQD RXBS RXPS TXBS TXPS TRTL
------------------------------------------------------------------------
* FastEthernet0/0 0 0 0 0 0 0 0 0 0
FastEthernet0/1 0 0 0 0 0 0 0 0 0
* Loopback0 0 0 0 0 0 0 0 0 0
* Tunnel0 0 0 0 0 0 0 0 0 0
R2#show ip interface brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 192.168.1.2 YES manual up up
FastEthernet0/1 unassigned YES unset administratively down down
Loopback0 unassigned YES unset up up
Tunnel0 10.10.10.2 YES manual up up
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/24 is subnetted, 1 subnets
C 10.10.10.0 is directly connected, Tunnel0
C 192.168.1.0/24 is directly connected, FastEthernet0/0
А тут есть... В общем как заставить схему работать не понимаю :( До этого настраивал только Static VTI (5 офисов так объединил, а тут без вариантов - на другом конце будет динамический IP :(
Помогите плз
Версия для распечатки
Cisco Tunnel Static IP to Dynamic IP (DVTI или что?), 
Nerian, 07-Окт-10, 14:20 [смотреть все]
