Hallo Zusammen,
ich versuche ein VPN mit einem CISCO 1841 (192.168.10.100) und einem Windows 2000 (192.168.10.1) Server zu erstellen. Die externen Clients sollen über (DSL) die Windows VPN einwahl ins Netz kommen. Untenstehende Config ist im CISCO Router vorhanden, auch eine feste IP ist vorhanden. Was muß nun bei den Clients, dem Server und dem Router eingestellt, verändert werden, damit die Einwahl klappt? Vielen Dank... Grüße
Building configuration...
Current configuration : 4219 bytes
!
! Last configuration change at 17:06:04 UTC Wed Nov 21 2007 by michael
! NVRAM config last updated at 11:11:22 UTC Wed Nov 14 2007 by michael
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname R01-UHL
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 123456
!
username NNNNN password PPPPP
username NNNNN privilege 15 password PPPPP
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
aaa new-model
!
!
aaa authentication login client local
aaa authorization network client local
aaa session-id common
ip subnet-zero
ip cef
!
!
ip inspect name fw icmp
ip inspect name fw tcp
ip inspect name fw udp
ip inspect name fw ftp
ip inspect name fw sqlnet
ip inspect name fw tftp
ip inspect name fw http
!
!
ip ips po max-events 100
ip domain name domain.mm
no ftp-server write-enable
!
password encryption aes
!
!
!
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
!
crypto isakmp client configuration group ciscovpn
key 132456
domain domain2.de
pool vpnclient
crypto isakmp profile vpnclient
match identity group ciscovpn
client authentication list client
isakmp authorization list client
client configuration address initiate
client configuration address respond
!
!
crypto ipsec transform-set myset esp-aes 256 esp-sha-hmac
!
crypto dynamic-map dynmap 10
set transform-set myset
!
!
crypto map mymap 10 ipsec-isakmp dynamic dynmap
!
!
!
interface FastEthernet0/0
description $ETH-LAN$
ip address 192.168.10.100 255.255.255.0
ip access-group inside in
ip inspect fw out
ip nat inside
ip virtual-reassembly
speed 100
full-duplex
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto tone low
pvc 1/32
pppoe-client dial-pool-number 1
!
!
interface Dialer1
ip address negotiated
ip access-group outside in
ip mtu 1456
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1452
dialer pool 1
dialer remote-name t-online
dialer idle-timeout 600
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname feste-ip/XXXXX@t-online-com.de
ppp chap password XXXXXXXX
ppp pap sent-username feste-ip/XXXXX@t-online-com.de password XXXXXXXX
ppp ipcp dns request
ppp ipcp wins request
crypto map mymap