The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]

форумы
правила/FAQ
поиск
регистрация
вход
слежка
RSS


"ipsec and vlan interface "
Версия для распечатки Пред. тема | След. тема
Форум Маршрутизаторы CISCO и др. оборудование.
Исходное сообщение [ Отслеживать ]

. "ipsec and vlan interface " +/
Сообщение от bekzodemail (?), 16-Авг-12, 01:18 
> ping 172.16.2.192 sou vl20
> sho cry is sa
> sho cry ip sa

ping 172.16.2.192 source vlan20
Sending 5, 100-byte ICMP Echos to 172.16.2.192, timeout is 2 seconds:
Packet sent with a source address of 192.168.20.1
!!!!!
ping 172.16.2.2 (PC_A) source vlan20  
Sending 5, 100-byte ICMP Echos to 172.16.2.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.20.1
.....
show crypto is sa
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
192.168.15.1    192.168.15.2    QM_IDLE           2001 ACTIVE

IPv6 Crypto ISAKMP SA

Livingstone_R# show crypto ip sa

interface: FastEthernet4
    Crypto map tag: voice, local addr 192.168.15.2

   protected vrf: (none)
   local  ident (addr/mask/prot/port): (192.168.20.0/255.255.255.240/0/0)
   remote ident (addr/mask/prot/port): (172.16.2.0/255.255.255.0/0/0)
   current_peer 192.168.15.1 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: 192.168.15.2, remote crypto endpt.: 192.168.15.1
     path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
     current outbound spi: 0x0(0)
     PFS (Y/N): N, DH group: none

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:

   protected vrf: (none)
   local  ident (addr/mask/prot/port): (172.16.2.0/255.255.255.0/0/0)
   remote ident (addr/mask/prot/port): (192.168.20.0/255.255.255.240/0/0)
   current_peer 192.168.15.1 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 3, #pkts encrypt: 3, #pkts digest: 3
    #pkts decaps: 7, #pkts decrypt: 7, #pkts verify: 7
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 1, #recv errors 0

     local crypto endpt.: 192.168.15.2, remote crypto endpt.: 192.168.15.1
     path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
     current outbound spi: 0x2176D669(561436265)
     PFS (Y/N): Y, DH group: group1

     inbound esp sas:
      spi: 0x99AEC0E3(2578366691)
        transform: esp-des esp-md5-hmac ,
        in use settings ={Tunnel, }
        conn id: 1, flow_id: Onboard VPN:1, sibling_flags 80000046, crypto map: voice
        sa timing: remaining key lifetime (k/sec): (4389856/3555)
        IV size: 8 bytes
        replay detection support: Y
        Status: ACTIVE

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:
      spi: 0x2176D669(561436265)
        transform: esp-des esp-md5-hmac ,
        in use settings ={Tunnel, }
        conn id: 2, flow_id: Onboard VPN:2, sibling_flags 80000046, crypto map: voice
        sa timing: remaining key lifetime (k/sec): (4389856/3555)
        IV size: 8 bytes
        replay detection support: Y
        Status: ACTIVE

     outbound ah sas:

     outbound pcp sas:

   protected vrf: (none)
   local  ident (addr/mask/prot/port): (192.168.15.1/255.255.255.255/0/0)
   remote ident (addr/mask/prot/port): (192.168.15.2/255.255.255.255/0/0)
   current_peer 192.168.15.1 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: 192.168.15.2, remote crypto endpt.: 192.168.15.1
     path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
     current outbound spi: 0x0(0)
     PFS (Y/N): N, DH group: none

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:

   protected vrf: (none)
   local  ident (addr/mask/prot/port): (192.168.15.2/255.255.255.255/0/0)
   remote ident (addr/mask/prot/port): (192.168.15.1/255.255.255.255/0/0)
   current_peer 192.168.15.1 port 500
     PERMIT, flags={origin_is_acl,}
    #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
    #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
    #pkts compressed: 0, #pkts decompressed: 0
    #pkts not compressed: 0, #pkts compr. failed: 0
    #pkts not decompressed: 0, #pkts decompress failed: 0
    #send errors 0, #recv errors 0

     local crypto endpt.: 192.168.15.2, remote crypto endpt.: 192.168.15.1
     path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet4
     current outbound spi: 0x0(0)
     PFS (Y/N): N, DH group: none

     inbound esp sas:

     inbound ah sas:

     inbound pcp sas:

     outbound esp sas:

     outbound ah sas:

     outbound pcp sas:

Ответить | Правка | Наверх | Cообщить модератору

Оглавление
ipsec and vlan interface , bekzod, 14-Авг-12, 22:19  [смотреть все]
Форумы | Темы | Пред. тема | След. тема



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру