Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Once I establish the PPPoE session, can I then bridge the IP address

Hi,

Is it possible to put my cisco 1812 into a bridge config and bridge my public x.x.x.x/32 ip to my asa 5505.

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname xxxxx

!

boot-start-marker

boot-end-marker

!

logging message-counter syslog

!

aaa new-model

!

!

aaa authentication login default local

aaa authentication login ciscocp_vpn_xauth_ml_1 local

aaa authorization exec default local

aaa authorization network ciscocp_vpn_group_ml_1 local

!

!

aaa session-id common

dot11 syslog

ip source-route

!

!

ip dhcp excluded-address 192.168.100.50 192.168.100.254

ip dhcp excluded-address 192.168.100.1 192.168.100.30

!

ip dhcp pool Home

   network 192.168.100.0 255.255.255.0

   default-router 192.168.100.254

   dns-server 213.144.235.1 213.144.235.2

   lease 0 8

!

!

ip cef

no ipv6 cef

!

multilink bundle-name authenticated

!

!

crypto pki trustpoint TP-self-signed-3896270433

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-3896270433

revocation-check none

rsakeypair TP-self-signed-3896270433

!

!

crypto pki certificate chain TP-self-signed-3896270433

certificate self-signed 01

  30820242 308201AB A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 33383936 32373034 3333301E 170D3131 31323033 31333539

  34305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 38393632

  37303433 3330819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  8100D496 8D9E979C D6509707 172AD702 F48E60D2 E184D3F2 CF8B16E3 41CB97AD

  EF7705D9 02D3D6DB 649D3ECE 33F2972F 4E524415 504DE315 6706F779 AB8F3CD2

  7D4867BA C8C93790 2F0E97EC C3A7F0D1 E256CAB8 EF8687CD 9D0BD377 04DB8EC2

  89FA1256 DB0E9F22 E5BB10C0 AD132DCE CE729C9C 74CA35CC 584CB52D FEF6F6C7

  EA650203 010001A3 6A306830 0F060355 1D130101 FF040530 030101FF 30150603

  551D1104 0E300C82 0A436973 636F5F31 38343130 1F060355 1D230418 30168014

  48C9A555 7149FD13 38BC28AB 9868574D E43ADF9B 301D0603 551D0E04 16041448

  C9A55571 49FD1338 BC28AB98 68574DE4 3ADF9B30 0D06092A 864886F7 0D010104

  05000381 810013DF 267DD99D CF5567E9 35E05092 8B9CC404 014D6163 429D8B6C

  F5369066 19DE3ACD 28D12289 09EF0A9E 69186480 72B19361 A9551894 AFCD4693

  DF954552 8D959B02 8028967D F53404E8 F014DCF7 334B33DD E3532778 0C0461C3

  9F2070A1 358F4ABC 5ED284A9 4082E90B 692236EE CBE9D8A2 3FFD61D4 6D4A242A

  3773CCF8 A8D5

        quit

!

!

username administrator privilege 15 secret 5

archive

log config

  hidekeys

!

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

!

crypto isakmp client configuration group VPN

key ......

pool SDM_POOL_1

acl 100

crypto isakmp profile ciscocp-ike-profile-1

   match identity group VPN

   client authentication list ciscocp_vpn_xauth_ml_1

   isakmp authorization list ciscocp_vpn_group_ml_1

   client configuration address respond

   virtual-template 1

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

!

crypto ipsec profile CiscoCP_Profile1

set transform-set ESP-3DES-SHA

set isakmp-profile ciscocp-ike-profile-1

!

!

!

!

!

!

!

interface FastEthernet0/0

description FTTH 100

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

speed 100

full-duplex

!

interface FastEthernet0/0.1

encapsulation dot1Q 6

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface FastEthernet0/1

ip address 192.168.100.254 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

duplex auto

speed auto

!

interface Virtual-Template1 type tunnel

ip unnumbered Dialer1

tunnel mode ipsec ipv4

tunnel protection ipsec profile CiscoCP_Profile1

!

interface Dialer1

mtu 1492

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username xxxxxxx password 7 xxxxxxx

!

ip local pool SDM_POOL_1 192.168.101.115 192.168.101.120

ip local pool Developtools-pool-1 192.168.100.150 192.168.100.155

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer1

no ip http server

ip http secure-server

!

!

ip nat inside source list 101 interface Dialer1 overload

!

access-list 23 permit 192.168.100.0 0.0.0.255

access-list 100 deny   ip 192.168.100.0 0.0.0.255 192.168.101.0 0.0.0.255

access-list 100 permit ip 192.168.100.0 0.0.0.255 any

access-list 101 permit ip 192.168.100.0 0.0.0.255 any

dialer-list 1 protocol ip permit

!

!

!

!

!

!

control-plane

!

!

!

line con 0

line aux 0

line vty 0 4

privilege level 15

transport input telnet ssh

!

scheduler allocate 20000 1000

!

webvpn gateway Developtools-WebVPN

ip address x.x.x.x port 443

ssl trustpoint Developtools-Selfsigned-SSL

inservice

!

webvpn install svc flash:/webvpn/anyconnect-win-2.4.1012-k9.pkg sequence 1

!

webvpn context Developtools

title "Developtools-WebVPN"

secondary-color #9ABEDC

title-color #4186BE

ssl authenticate verify all

!

!

policy group Developtools

   functions svc-enabled

   svc address-pool "Developtools-pool-1"

   svc default-domain "developtools.ln"

   svc keep-client-installed

   svc rekey method new-tunnel

   svc split include 192.168.100.0 255.255.255.0

   svc dns-server primary 213.144.235.1

   svc dns-server secondary 213.144.235.1

default-group-policy Developtools

gateway Developtools-WebVPN

inservice

!

end

272
Views
0
Helpful
0
Replies
CreatePlease to create content