Есть киска 2611хм, настраиваю vpn. Вот конфиг:
Current configuration : 1757 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router2611
!
boot-start-marker
boot system flash c2600-ik9s-mz.123-19.bin
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$C.n/$LKKbapBUaTY80coGE4fvv.
enable password supervisor
!
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
!
aaa authentication login default local
aaa authorization network default local
aaa session-id common
ip subnet-zero
ip cef
!
!
!
username admin privilege 15 password 0 supervisor
username cisco password 0 cisco
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration address-pool local vpn1
crypto isakmp xauth timeout 60

!
crypto isakmp client configuration group cisco
key cisco
dns 195.230.73.2
pool vpn1
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
!
crypto dynamic-map dynam 1
set transform-set myset
!
!
!
crypto map myset client authentication list default
crypto map myset isakmp authorization list default
crypto map myset client configuration address respond
crypto map myset 1 ipsec-isakmp dynamic dynam
!
!
!
!
interface FastEthernet0/0
ip address 212.69.109.123 255.255.255.128
duplex auto
speed auto
crypto map myset
!
interface FastEthernet0/1
ip address 192.168.10.25 255.255.255.0
duplex auto
speed auto
!
ip local pool vpn1 192.168.10.30 192.168.10.40
ip default-gateway 192.168.10.1
ip http server
ip http authentication local
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.18.1
!
!
no cdp run
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
password supervisor
!
!
end

вообщем ниче не происходит. Включил debug crypto isakmp.
Выдает следубщее: phase 1 packet is a duplicate of a previous packet

Я не силен в настройке vpn, первый раз делаю.. что не так у меня?

• помогите разобраться c VPN,Александр, 16:42 , 18-Май-06

Перелопатил конфиг. Запускаю ВПН клинет версии 4.8 Конект есть. Поучаю айпи из пула. Допустим 192.168.10.30, маску дает 255.255.255.0 а вот гейтвей такой же как айпи 192.168.10.30  Это разве нормально.

version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router2611
!
boot-start-marker
boot system flash c2600-ik9s-mz.123-19.bin
boot-end-marker
!
logging buffered 51200 warnings
enable secret 5 $1$C.n/$LKKbapBUaTY80coGE4fvv.
enable password supervisor
!
no network-clock-participate slot 1
no network-clock-participate wic 0
aaa new-model
!
!
aaa authentication login default local
aaa authorization network default local
aaa session-id common
ip subnet-zero
ip cef
!
!
!
username admin privilege 15 password 0 supervisor
username cisco password 0 cisco
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group cisco
key cisco
dns 195.230.73.2
pool vpn1
!
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
!
crypto dynamic-map dynam 1
set transform-set myset
!
!
crypto map myset client authentication list default
crypto map myset isakmp authorization list default
crypto map myset client configuration address respond
crypto map myset 1 ipsec-isakmp dynamic dynam
!
!
!
!
interface FastEthernet0/0
ip address 212.69.109.123 255.255.255.128
duplex auto
speed auto
crypto map myset
!
interface FastEthernet0/1
ip address 192.168.10.25 255.255.0.0
duplex auto
speed auto
!
ip local pool vpn1 192.168.10.30 192.168.10.40
ip default-gateway 192.168.10.1
ip http server
ip http authentication local
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.18.1
!
!
no cdp run
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
password supervisor
!
!
end