|
1 / 1 / 0
Регистрация: 09.12.2012
Сообщений: 24
|
|
| 1 | |
Asa 5505 vpn27.10.2014, 14:57. Показов 796. Ответов 0
Метки нет (Все метки)
Нужно, чтобы VPN uses (192.168.2.0) могли пинговать друг друга. Код
interface Vlan1 nameif inside security-level 100 ip address 192.168.1.1 255.255.255.0 interface Vlan2 nameif outside security-level 0 ip address dhcp setroute same-security-traffic permit inter-interface access-list Local_LAN_Access remark VPN Client Local LAN Access access-list Local_LAN_Access standard permit 192.168.1.0 255.255.255.0 access-list Inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.0 access-list Inside_nat0_outbound extended permit ip any 192.168.2.0 255.255.255.0 access-list Inside_nat0_outbound extended permit ip any 192.168.4.0 255.255.255.0 access-list Inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.4.0 255.255.255.0 access-list vpn extended permit ip 192.168.3.0 255.255.255.0 192.168.1.0 255.255.255.0 access-list Local_LAN_Access_l2tp remark l2tp Client Local LAN Access access-list Local_LAN_Access_l2tp standard permit 192.168.1.0 255.255.255.0 access-list Local_LAN_Access_l2tp standard permit 192.168.2.0 255.255.255.0 access-list vpn_l2tp extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0 access-list split-tunnel standard permit 192.168.1.0 255.255.255.0 access-list split-tunnel remark match Anyconn client to tunnel traffic ip local pool l2tp-ipsec_address 192.168.2.100-192.168.2.114 mask 255.255.255.0 nat-control global (inside) 2 192.168.1.101 global (inside) 3 192.168.1.102 global (outside) 1 interface nat (inside) 0 access-list Inside_nat0_outbound nat (inside) 1 192.168.1.0 255.255.255.0 nat (outside) 2 access-list vpn nat (outside) 3 access-list vpn_l2tp crypto ipsec transform-set trans esp-3des esp-sha-hmac crypto ipsec transform-set trans mode transport crypto dynamic-map dyno 10 set transform-set trans crypto map vpn 65535 ipsec-isakmp dynamic dyno crypto map vpn interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption 3des hash sha group 2 lifetime 43200 crypto isakmp policy 10 authentication rsa-sig encryption 3des hash sha group 2 lifetime 86400 crypto isakmp nat-traversal 30 vpn-addr-assign local reuse-delay 5 group-policy l2tp-ipsec_policy internal group-policy l2tp-ipsec_policy attributes dns-server value 192.168.1.10 vpn-tunnel-protocol l2tp-ipsec split-tunnel-policy tunnelspecified split-tunnel-network-list value Local_LAN_Access_l2tp
0
|
|
(| 27.10.2014, 14:57 | |
|
Ответы с готовыми решениями:
0
Потянет ли ASA 5505 пять STS VPN
Cisco ASA 5505 можно ли в 5505 использовать DHCP настроенном на 2800 Asa 5505 + wifi |
| 27.10.2014, 14:57 | |
| 27.10.2014, 14:57 | |
|
Помогаю со студенческими работами здесь
1
Помощь ASA 5505 Настройки ASA 5505 Cisco asa 5505
Искать еще темы с ответами Или воспользуйтесь поиском по форуму: |
