Jump to content
Sign in to follow this  
romeo310

1720 VPN Server und Cisco VPN Soft-Client

Recommended Posts

Moin,

 

kämpfe schon seit Wochen damit, meinen 1720er als VPN Server ans laufen zu bekommen, damit ich als Roadwarrior mit dem Cisco VPN Client (Software) verschlüsselt eine VPN VErbindung aufbauen kann. Leider ohne Erfolg. Hat jemand hier im Board eine brauchbare config für diesen Zweck ?

 

hier meine rein auf VPN bezogene Konfig:

 

!

username User1 password 7 xxx

username User2 password 7 xxx

username User3 password 7 xxx

clock timezone MEZ 1

clock summer-time MEZ+1 recurring

aaa new-model

!

!

aaa authentication login clientauth local

aaa authentication login userlist local

aaa authorization network groupauthor local

aaa session-id common

!

ip dhcp pool standard-clients

network 192.168.10.0 255.255.255.0

dns 192.168.10.52 192.168.10.1 194.25.2.129

default-router 192.168.10.1

!

ip flow-cache feature-accelerate

!

crypto keyring spokes

pre-shared-key address 0.0.0.0 0.0.0.0 key *Passwort*

!

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp key *Passwort* address 0.0.0.0 0.0.0.0

crypto isakmp keepalive 30 10

crypto isakmp nat keepalive 30

!

crypto isakmp client configuration group clientgroup

key *Passwort*

dns 192.168.10.52 192.168.10.1 194.25.2.129

pool ippool

acl VPNROUTES-CLIENTS

crypto isakmp profile L2L

description LAN-2-LAN Configuration for Spokes Routers

keyring spokes

match identity address 0.0.0.0

crypto isakmp profile VPNclient

description VPN Clients Profile

match identity group clientgroup

client authentication list clientauth

isakmp authorization list groupauthor

client configuration address respond

!

!

crypto ipsec transform-set myset esp-3des esp-sha-hmac

no crypto ipsec nat-transparency udp-encaps

!

crypto dynamic-map dynmap 5

set transform-set myset

set isakmp-profile VPNclient

reverse-route

crypto dynamic-map dynmap 10

set transform-set myset

set isakmp-profile L2L

reverse-route

!

!

crypto map mymap 10 ipsec-isakmp dynamic dynmap

!

interface Ethernet0

ip route-cache flow

crypto map mymap

!

interface Dialer1

crypto map mymap

!

ip local pool ippool 192.168.10.250 192.168.10.254

!

ip access-list extended FIREWALL-INCOMING

permit udp any any eq isakmp

permit udp any any eq non500-isakmp

permit esp any any

deny ip any any log

!

!

ip access-list extended VPNROUTES-CLIENTS

permit ip any any

deny ip any any log

!

!

ntp clock-period 17042045

ntp access-group peer 10

ntp master 2

ntp server 131.188.3.223

ntp server 131.188.3.222

ntp server 131.188.3.221

ntp server 131.188.3.220

!

end

 

 

THX für Antworten. Wäre echt dringend, die Lösung !

 

romeo310

Share this post


Link to post
Share on other sites
Der letzte Beitrag zu diesem Thema ist mehr als 180 Tage alt. Bitte überlege Dir, ob es nicht sinnvoller ist ein neues Thema zu erstellen.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

Werbepartner:



×
×
  • Create New...