URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID6
Нить номер: 13903
[ Назад ]

Исходное сообщение
"Cisco 2600 "
Отправлено p1gmale0n , 04-Июл-07 09:01

при подключении (Win XP):
Error 880: Unable to establish the VPN connection. The VPN server may be unreacheble, or security parameters may not be configured propertly for this connection.
config:
version 12.3
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash C2600-Advsecurityk9-Mz.123-5A.bin
boot-end-marker
!
enable secret 5 $1$jA5i$BVp25S9uUyStPS9w.bDN31
enable password pass
!
username test password 0 123456
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization network default local
aaa session-id common
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
vpdn enable
!
vpdn-group 1
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
!
no ftp-server write-enable
!
!
crypto isakmp policy 1
hash md5
authentication pre-share
crypto isakmp key cisco address xxx.xxx.194.9
!
!
crypto ipsec transform-set TS1 esp-des esp-sha-hmac
mode transport
!
crypto dynamic-map DYN_MAP 10
set transform-set TS1
!
!
crypto map CRYP_MAP 6000 ipsec-isakmp dynamic DYN_MAP
!
!
!
!
!
!
interface Ethernet0/0
ip address xxx.xxx.194.23 255.255.255.224
no ip mroute-cache
half-duplex
!
interface Serial0/0
no ip address
no ip mroute-cache
shutdown
!
interface Serial0/1
no ip address
no ip mroute-cache
shutdown
!
interface FastEthernet1/0
ip address xxx.xxx.194.193 255.255.255.248
no ip mroute-cache
speed auto
half-duplex
traffic-shape group 100 128000 7936 7936 1000
no mop enabled
!
interface Virtual-Template1
ip unnumbered Ethernet0/0
ip mroute-cache
peer default ip address pool DIAL-IN
ppp authentication ms-chap chap pap
crypto map CRYP_MAP
!
ip local pool DIAL-IN xxx.xxx.194.194 xxx.xxx.194.198
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.194.1
ip http server
no ip http secure-server
!
access-list 100 permit ip any any
access-list 130 permit ip any any
!
!
!
line con 0
line aux 0
line vty 0 4
password passv
!
!
!
end

Содержание

Cisco 2600 ,p1gmale0n, 11:35 , 04-Июл-07
- Cisco 2600 ,p1gmale0n, 14:29 , 05-Июл-07

Сообщения в этом обсуждении

"Cisco 2600 "
Отправлено p1gmale0n , 04-Июл-07 11:35

>при подключении (Win XP):
>Error 880: Unable to establish the VPN connection. The VPN server may
>be unreacheble, or security parameters may not be configured propertly for
>this connection.
Нужно настроить ВПН подключение к циске, с использованием IPSec

"Cisco 2600 "
Отправлено p1gmale0n , 05-Июл-07 14:29

Debug:
05:44:08: IPSEC(create_sa): sa created,
  (sa) sa_dest= xxx.xxx.194.23, sa_prot= 50,
    sa_spi= 0xFECBA19C(4274758044),
    sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 2002
05:44:08: IPSEC(create_sa): sa created,
  (sa) sa_dest= xxx.xxx.194.9, sa_prot= 50,
    sa_spi= 0xD187123(219705635),
    sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 2003
05:44:08: IPSEC(add_sa): peer asks for new SAs -- expire current in 30 sec.,
  (sa) sa_dest= xxx.xxx.194.9, sa_prot= 50,
    sa_spi= 0x85589FAA(2237177770),
    sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 2001,
  (identity) local= xxx.xxx.194.23, remote= xxx.xxx.194.9,
    local_proxy= xxx.xxx.194.23/255.255.255.255/17/1701 (type=1),
    remote_proxy= xxx.xxx.194.9/255.255.255.255/17/1701 (type=1)
05:44:38: IPSEC(delete_sa): deleting SA,
  (sa) sa_dest= xxx.xxx.194.23, sa_prot= 50,
    sa_spi= 0x89FD146D(2315064429),
    sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 2000
05:44:38: IPSEC(delete_sa): deleting SA,
  (sa) sa_dest= xxx.xxx.194.9, sa_prot= 50,
    sa_spi= 0x85589FAA(2237177770),
    sa_trans= esp-3des esp-md5-hmac , sa_conn_id= 2001
---
не могут завязаться ... а почему??