Statistiche: Inviato da dagoma — lun 06 feb , 2023 5:59 pm
Statistiche: Inviato da giobaxx — gio 02 apr , 2020 6:41 pm
Statistiche: Inviato da S0nic — mer 16 ott , 2019 11:35 pm
Codice:
pix(config-tunnel-ipsec)# tunnel-group DefaultRAGroup ppp-attributes ^ERROR: % Invalid input detected at '^' marker.pix(config-tunnel-ipsec)# no authentication chap ^ERROR: % Invalid input detected at '^' marker.pix(config-tunnel-ipsec)# authentication ms-chap-v2 ^ERROR: % Invalid input detected at '^' marker.
Codice:
ip local pool clientVPNpool 10.4.5.10-10.4.5.20 mask 255.255.255.0group-policy DefaultRAGroup internalgroup-policy DefaultRAGroup attributes dns-server value 8.8.8.8 vpn-tunnel-protocol ipsec default-domain value domain.netcrypto ipsec transform-set TRANS_ESP_3DES_MD5 esp-3des esp-md5-hmaccrypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmaccrypto dynamic-map outside_dyn_map 20 set transform-set TRANS_ESP_3DES_MD5crypto map outside_map 20 ipsec-isakmp dynamic outside_dyn_mapcrypto map outside_map interface outsidecrypto isakmp enable outsidecrypto isakmp nat-traversal 20crypto isakmp policy 10 authentication pre-sharecrypto isakmp policy 10 encryption 3descrypto isakmp policy 10 hash shacrypto isakmp policy 10 group 2crypto isakmp policy 10 lifetime 86400tunnel-group DefaultRAGroup general-attributes address-pool clientVPNpool authentication-server-group (outside) LOCALdefault-group-policy DefaultRAGrouptunnel-group DefaultRAGroup ipsec-attributes pre-shared-key *tunnel-group DefaultRAGroup ppp-attributes no authentication chap authentication ms-chap-v2
Codice:
# sh verCisco PIX Security Appliance Software Version 7.1(2)Compiled on Tue 14-Mar-06 17:00 by daleckiSystem image file is "flash:/pix712.bin"Config file at boot was "startup-config"
Statistiche: Inviato da S0nic — mar 15 ott , 2019 4:23 pm
Statistiche: Inviato da S0nic — mar 15 ott , 2019 11:52 am
Codice:
ASA Version 9.8(2)!hostname *********enable password *****passwd ***** encryptednamesip local pool VPNPOOL 10.0.3.171-10.0.3.174 mask 255.255.255.0!interface GigabitEthernet1/1 nameif outside security-level 0 ip address 192.168.0.254 255.255.255.0!interface GigabitEthernet1/2 nameif inside security-level 100 ip address 10.0.3.254 255.255.255.0!interface GigabitEthernet1/3 no nameif security-level 100 no ip address!interface GigabitEthernet1/4 no nameif security-level 100 no ip address!interface GigabitEthernet1/5 no nameif security-level 100 no ip address!interface GigabitEthernet1/6 no nameif security-level 100 no ip address!interface GigabitEthernet1/7 no nameif security-level 100 no ip address!interface GigabitEthernet1/8 no nameif security-level 100 no ip address!interface Management1/1 management-only no nameif no security-level no ip address!ftp mode passiveobject network LAN subnet 10.0.3.0 255.255.255.0object network obj-ALL subnet 0.0.0.0 0.0.0.0object network obj-linuxsrv_old host 10.0.3.194access-list OUTSIDE extended permit ip any anyaccess-list OUTSIDE extended permit tcp any host 10.0.3.194 eq sshaccess-list split_tunnel_acl standard permit 10.0.3.0 255.255.255.0pager lines 24logging asdm informationalmtu outside 1500mtu inside 1500icmp unreachable rate-limit 1 burst-size 1no asdm history enablearp timeout 14400no arp permit-nonconnectedarp rate-limit 16384nat (inside,outside) source static LAN LAN destination static LAN LAN!object network obj-ALL nat (inside,outside) dynamic interfaceobject network obj-linuxsrv_old nat (inside,outside) static interface service tcp ssh 2222access-group OUTSIDE in interface outsideroute outside 0.0.0.0 0.0.0.0 192.168.0.1 1timeout xlate 3:00:00timeout pat-xlate 0:00:30timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolutetimeout tcp-proxy-reassembly 0:01:00timeout floating-conn 0:00:00timeout conn-holddown 0:00:15timeout igp stale-route 0:01:10user-identity default-domain LOCALaaa authentication ssh console LOCALaaa authentication login-historyno snmp-server locationno snmp-server contactservice sw-reset-buttoncrypto ipsec ikev1 transform-set HIGH esp-aes-256 esp-sha-hmaccrypto ipsec security-association pmtu-aging infinitecrypto dynamic-map vpnclient 65535 set ikev1 transform-set HIGHcrypto map castelnuovo 65535 ipsec-isakmp dynamic vpnclientcrypto map castelnuovo interface outsidecrypto ca trustpoint SSL-SELF enrollment self fqdn **** subject-name CN=**** keypair SSL-Keypair crl configurecrypto ca trustpoint SSL-Keypair enrollment terminal fqdn **** subject-name *** serial-number keypair SSL-Keypair crl configurecrypto ca trustpoint localtrust enrollment self fqdn **** subject-name **** keypair SSL-Keypair crl configurecrypto ca trustpool policycrypto isakmp identity addresscrypto isakmp nat-traversal 3600crypto isakmp disconnect-notifycrypto isakmp reload-waitcrypto ikev1 enable outsidecrypto ikev1 policy 10 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400telnet timeout 5ssh stricthostkeycheckssh ********* 255.255.255.255 outsidessh 10.0.3.0 255.255.255.0 insidessh timeout 10ssh version 2ssh key-exchange group dh-group1-sha1console timeout 0dhcpd dns 8.8.8.8 8.8.4.4dhcpd lease 86400!dhcpd address 10.0.3.175-10.0.3.189 insidedhcpd enable inside!threat-detection basic-threatthreat-detection statistics access-listno threat-detection statistics tcp-interceptwebvpn anyconnect image disk0:/anyconnect-win-4.4.00243-webdeploy-k9.pkg 1 tunnel-group-list enable cache disable error-recovery disablegroup-policy SSL_POLICY internalgroup-policy SSL_POLICY attributes vpn-tunnel-protocol ssl-client ssl-clientless address-pools value VPNPOOL webvpn anyconnect keep-installer installedgroup-policy VPNCLIENTPOLICY internalgroup-policy VPNCLIENTPOLICY attributes vpn-tunnel-protocol ikev1 split-tunnel-policy tunnelspecified split-tunnel-network-list value split_tunnel_acldynamic-access-policy-record DfltAccessPolicyusername ***** password ******* privilege 15tunnel-group SSLCLIENT type remote-accesstunnel-group SSLCLIENT general-attributes address-pool VPNPOOLtunnel-group SSLCLIENT webvpn-attributes group-alias ******* enabletunnel-group VPNCLIENT type remote-accesstunnel-group VPNCLIENT general-attributes address-pool VPNPOOLtunnel-group VPNCLIENT ipsec-attributes ikev1 pre-shared-key ***** isakmp keepalive threshold 15 retry 10!class-map inspection_default match default-inspection-traffic!!policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512 no tcp-inspectionpolicy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options!service-policy global_policy globalprompt hostname contextno call-home reporting anonymous: end
Statistiche: Inviato da giankyfava — lun 10 dic , 2018 10:51 am
Statistiche: Inviato da xmatrix83 — sab 18 nov , 2017 11:34 am
Statistiche: Inviato da overflow1980 — ven 04 ago , 2017 9:32 am
version 15.1
service timestamps debug datetime localtime
service timestamps log datetime localtime
no service password-encryption
!
hostname cisco
!
boot-start-marker
boot system flash c2800nm-adventerprisek9-mz.151-4.M12a.bin
boot-end-marker
!
!
enable secret 5 ...............................
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization exec default local
aaa authorization network default local if-authenticated
!
!
!
!
!
aaa session-id common
!
clock timezone Rome 1 0
clock summer-time Rome recurring last Sun Mar 2:00 last Sun Oct 3:00
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
ip name-server 151.99.0.100
ip name-server 151.99.125.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
vpdn enable
!
vpdn-group L2TP
! Default L2TP VPDN group
accept-dialin
protocol l2tp
virtual-template 1
no l2tp tunnel authentication
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
!+
archive
log config
hidekeys
username YYYYYYYYYYYYY password 0 XXXXXXXXXXXXXXX
!
redundancy
!
!
!
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
lifetime 3600
crypto isakmp key ***********CHIAVE_PRE_SHARED**************** address 0.0.0.0 0.0.0.0 no-xauth
crypto isakmp keepalive 3600
!
!
crypto ipsec transform-set ipnetconfig esp-3des esp-sha-hmac
mode transport
!
crypto dynamic-map ipnetconfig-map 10
set nat demux
set transform-set ipnetconfig
!
!
crypto map cisco 10 ipsec-isakmp dynamic ipnetconfig-map
!
!
!
!
!
!
interface GigabitEthernet0/0
description lan interna
ip address 192.168.14.1 255.255.0.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/1
description lan pubblica
ip address 81.xx.xx.74 255.255.255.248
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map cisco
!
interface Virtual-Template1
ip unnumbered GigabitEthernet0/0
ip nat inside
ip virtual-reassembly in
peer default ip address pool poolipnetconfig
ppp encrypt mppe 40
ppp authentication ms-chap-v2
!
ip local pool poolipnetconfig 192.168.14.50 192.168.14.100
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip nat pool BB 81.xx.xx.74 81.xx.xx.74 netmask 255.255.255.248
ip nat inside source list 20 pool BB overload
ip route 0.0.0.0 0.0.0.0 81.xx.xx.73
!
access-list 20 permit 192.168.0.0 0.0.255.255
no cdp run
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 240 0
transport input none
!
scheduler allocate 20000 1000
ntp server 212.45.144.88 prefer
end
Statistiche: Inviato da consultazione — lun 31 lug , 2017 11:11 pm
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system usbflash0:c2800nm-adventerprisek9-mz.151-4.M12a.bin
boot-end-marker
!
!
!
no aaa new-model
!
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
no ipv6 cef
l2tp-class l2tpclass1
hidden
authentication
password ***********CHIAVE_PRE_SHARED************
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
!
crypto pki token default removal timeout 0
!
!
redundancy
!
!
pseudowire-class pwclass1
encapsulation l2tpv2
protocol l2tpv2 l2tpclass1
ip local interface GigabitEthernet0/0
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
ip address 81.xx.xx.75 255.255.255.248
duplex auto
speed auto
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
interface Virtual-PPP1
ip address negotiated
ip mtu 1460
ip flow ingress
ip flow egress
ip virtual-reassembly in
ip tcp adjust-mss 1420
ppp chap hostname ******USERNAME********
ppp chap password 0 ******PASSWORD********
pseudowire ******SERVER_VPN_IP******* 10 pw-class pwclass1
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
mgcp profile default
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end
Statistiche: Inviato da consultazione — lun 31 lug , 2017 10:55 pm