|
Alright is not really a short question but.... I am retarded when it comes to VPNs I've only set one or two up correctly but this does not stop me from thinking my boss is doing it completely backasswards.  I was wondering if one of you would give me a good example of a properly set up VPN between two Ciscos and just so you know we run our operations on 7100s and 7200s running Version 12.2 I know this really isn't specifically a Cisco question but the people that watch this thread are the kind of peeps I would like to hear from.
|
#
¿
Jun 20, 2007 17:57
|
|
|
|
| # ¿ May 4, 2024 16:06 |
|
|
jwh posted:What do you mean? What is he doing? Thank you I will read this (well most of it, I also have a Cisco VPN book coming to me in the mail) but he is using crypto maps and it just seems unnecessarily messy especially with five of them.
|
|
#
¿
Jun 20, 2007 20:29
|
|
|
Hey I'm in a bit of a situation, one of my routers stopped working correctly last night and I've rebuilt my configuration and yet I have not resolved my problem. the players Internet Router A can talk to B and the internet and can not talk to Server A Router B can talk to A and the internet and talk to Server A server A can talk to Router B but not A or the internet. I'm guessing I've just made a simple mistake, would you mide looking this over its the simplest configuration ever.. Here is my config: service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Ctrl-Dfwr-1 ! boot-start-marker boot-end-marker ! enable secret 5 ************ enable password *********** ! no aaa new-model ip subnet-zero ! ! ip cef ! ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0/0 description External Network ip address 208.75.219.250 255.255.255.240 duplex full speed 100 ! interface FastEthernet0/1 description Internal Network ip address 208.75.218.225 255.255.255.224 duplex auto speed auto ! interface Serial1/0 no ip address shutdown serial restart-delay 0 no fair-queue ! interface Serial1/1 no ip address shutdown serial restart-delay 0 ! interface Serial1/2 no ip address shutdown serial restart-delay 0 ! interface Serial1/3 no ip address shutdown serial restart-delay 0 ! no ip classless ip route 0.0.0.0 0.0.0.0 208.75.219.254 no ip http server no ip http secure-server ! ! ! ! ! ! line con 0 transport preferred all transport output all line aux 0 transport preferred all transport output all line vty 0 4 login transport preferred all transport input all transport output all ! !
|
|
#
¿
May 20, 2008 17:50
|
|
|
sorry I was being rushing a bit. See attachment: Router A's job is to run BGP, she works fine. Router B's job is to be the Border router for one of our smaller parent companies, she is getting out to the internet fine, but is not permitting systems from the 208.75.218.x range out, but she will let traffic out that originates from the 218.225 address. Server A is a SBS for the small parent company.
|
|
#
¿
May 20, 2008 19:14
|
|
|
I found it, its was very strange the subnetmask of the route in the BGP router had changed only allowing 3 IP addresses in thus my ability to get to the router but nothing else. now why it just randomly changed is the question.
|
|
#
¿
May 20, 2008 20:14
|
|