10-06-2003 11:38 PM - edited 02-21-2020 12:48 PM
This is a config on 2611XM. I accept dial-up clients with Cisco VPN client on their PCs; also I accept remote sites in site-to-site VPN configuration. What I have to do (on my side router 2611) that I can accept clients, which use Cisco ISDN router (like as 804) on their side?
-------
Cisco2611XM#show run
Building configuration...
Current configuration : 3844 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cisco2611XM
!
enable secret 5 xxxxxxxxxxxxx
enable password xxxxx
!
username xxxx password 0 xxxxxx
aaa new-model
!
!
aaa authentication login userauthen local
aaa authorization network groupauthor local
aaa session-id common
ip subnet-zero
!
!
!
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 5
hash md5
authentication pre-share
crypto isakmp key xxxxxx address xxx.xxx.xxx.xxx no-xauth
crypto isakmp key xxxxxx address xxx.xxx.xxx.xxx no-xauth
crypto isakmp key xxxxxx address xxx.xxx.xxx.xxx no-xauth
!
crypto isakmp client configuration group xxxxx
key xxxxxx
dns 192.168.1.100
domain company.com
pool ippool
!
!
crypto ipsec transform-set myset esp-3des esp-sha-hmac
crypto ipsec transform-set myset1 esp-des esp-md5-hmac
crypto ipsec transform-set myset2 esp-des esp-md5-hmac
mode transport
crypto ipsec transform-set myset3 esp-des esp-md5-hmac
mode transport
!
crypto dynamic-map dynmap 10
set transform-set myset
!
!
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 5 ipsec-isakmp
set peer xxx.xxx.xxx.xxx
set transform-set myset1
match address 115
crypto map clientmap 6 ipsec-isakmp
set peer xxx.xxx.xxx.xxx
set transform-set myset2
match address 116
crypto map clientmap 7 ipsec-isakmp
set peer xxx.xxx.xxx.xxx
set transform-set myset3
match address 117
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
!
!
!
!
!
!
!
!
!
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip mroute-cache
speed auto
half-duplex
!
interface FastEthernet0/1
ip address xxx.xxx.xxx.xxx 255.255.255.252
ip nat outside
no ip mroute-cache
duplex auto
speed auto
crypto map clientmap
!
ip local pool ippool 192.168.200.1 192.168.200.254
ip nat inside source route-map nonat interface FastEthernet0/1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx
ip route xxx.xxx.xxx.xxx 255.255.192.0 192.168.1.101
ip route 192.168.0.0 255.255.255.0 xxx.xxx.xxx.xxx
ip route 192.168.10.0 255.255.255.0 xxx.xxx.xxx.xxx
ip route xxx.xxx.xxx.xxx 255.255.255.0 xxx.xxx.xxx.xxx
ip http server
!
!
ip access-list extended addr-pool
ip access-list extended default-domain
ip access-list extended dns-servers
ip access-list extended idletime
ip access-list extended inacl
ip access-list extended key-exchange
ip access-list extended protocol
ip access-list extended service
ip access-list extended timeout
ip access-list extended tunnel-password
!
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.200.0 0.0.0.255
access-list 101 deny ip 192.168.1.0 0.0.0.255 xxx.xxx.xxx.xxx
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 115 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 115 permit ip xxx.xxx.xxx.xxx 0.0.31.255 192.168.0.0 0.0.0.255
access-list 116 permit ip 192.168.1.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 116 permit ip xxx.xxx.xxx.xxx 0.0.31.255 192.168.10.0 0.0.0.255
access-list 117 permit ip 192.168.1.0 0.0.0.255 xxx.xxx.xxx.xxx 0.0.0.255
access-list 117 permit ip xxx.xxx.xxx.xxx 0.0.31.255 xxx.xxx.xxx.xxx 0.0.0.255
!
route-map nonat permit 10
match ip address 101
!
radius-server authorization permit missing Service-Type
call rsvp-sync
!
!
mgcp profile default
!
!
!
dial-peer cor custom
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
password xxxxxx
!
!
end
10-14-2003 09:11 AM
No specific config requiered on 2611, it accepts calls by default.
10-16-2003 12:26 AM
how do I have to configure Cisco 804 that I can access cisco 2611xm in regarding the configuration on it?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: