Ho un serio dilemma, devo collegarmi da casa al mio ufficio sul server, tramite cisco VPN client, la rete della mia azienda è gestita da una società che mi ha fornito un file di configurazione per effettuare la connessione.
Infatti se con un comune modem 56k tento di connettermi con cisco VPN client riesco ad accedere alla rete del mio ufficio e tutto funziona correttamente(anche il controllo da remoto).
Ma se tento di connettermi con il mio router soho 97(di cui allego la configurazione) non riesco ad accedere più alla rete dell'ufficio, anche se il client vpn sembra connettersi correttamente(allego anche il file di log).
Codice: Seleziona tutto
Current configuration : 4542 bytes
!
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 XXXXXXXXXXXXXX
!
username Router password 7 XXXXXXXXXXXXX
username CRWS_Jaidil privilege 15 password 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
username CRWS_Gayatri privilege 15 password 7 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
ip subnet-zero
ip name-server 62.211.69.150
ip name-server 212.48.4.15
ip dhcp excluded-address 192.168.0.1
ip dhcp excluded-address 192.168.0.1 192.168.0.100
ip dhcp excluded-address 192.168.0.131 192.168.0.254
ip dhcp excluded-address 192.168.0.50
ip dhcp excluded-address 192.168.0.10
!
ip dhcp pool CLIENT
import all
network 192.168.0.0 255.255.255.0
default-router 192.168.0.1
lease 0 2
!
!
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
no aaa new-model
!
!
!
!
no crypto isakmp enable
!
!
!
interface Ethernet0
description CRWS Generated text. Please do not delete this:192.168.0.1-255.255.255.0
ip address 192.168.0.1 255.255.255.0 secondary
ip address 10.10.10.1 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
no ip address
no ip mroute-cache
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface Dialer1
ip address negotiated
ip access-group 111 in
ip nat outside
ip inspect myfw out
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXXXXXXXXXXXXXXXXXXXX
ppp chap password 7 xxxxxxxxxxxxxxxxxxxx
ppp pap sent-username XXXXXXXXXXXXX password 7 XXXXXXXXXX
ppp ipcp dns request
ppp ipcp wins request
hold-queue 224 in
!
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
no ip http secure-server
ip nat inside source list 102 interface Dialer1 overload
ip nat inside source static tcp 192.168.0.50 2593 interface Dialer1 2593
ip nat inside source static udp 192.168.0.10 30000 interface Dialer1 30000
ip nat inside source static tcp 192.168.0.10 6462 interface Dialer1 6462
ip nat inside source static udp 192.168.0.10 6472 interface Dialer1 6472
ip nat inside source static udp 192.168.0.10 4500 interface Dialer1 4500
ip nat inside source static udp 192.168.0.10 500 interface Dialer1 500
ip nat inside source static tcp 192.168.0.10 6881 interface Dialer1 6881
ip nat inside source static tcp 192.168.0.50 9998 interface Dialer1 9998
ip nat inside source static udp 192.168.0.50 9999 interface Dialer1 9999
!
!
access-list 23 permit 192.168.0.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 192.168.0.0 0.0.0.255 any
access-list 111 permit udp any any eq 9999
access-list 111 permit tcp any any eq 9998
access-list 111 permit tcp any any eq 6881
access-list 111 permit udp any any eq 6472
access-list 111 permit tcp any any eq 6462
access-list 111 permit udp any any eq 30000
access-list 111 permit tcp any any eq 2593
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit udp any any eq isakmp
access-list 111 permit udp any any eq 10000
access-list 111 permit tcp any any eq 1723
access-list 111 permit tcp any any eq 139
access-list 111 permit udp any any eq netbios-ns
access-list 111 permit udp any any eq netbios-dgm
access-list 111 permit gre any any
access-list 111 deny ip any any
dialer-list 1 protocol ip permit
!
control-plane
!
!
line con 0
exec-timeout 120 0
no modem enable
transport preferred all
transport output all
stopbits 1
line aux 0
transport preferred all
transport output all
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
transport preferred all
transport input all
transport output all
!
scheduler max-task-time 5000
!
end
Codice: Seleziona tutto
Cisco Systems VPN Client Version 4.8.00.0440
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.2.3790 Service Pack 1
Config file directory: C:\Programmi\Cisco Systems\VPN Client\
1 18:37:59.703 01/22/07 Sev=Warning/3 GUI/0xA3B0000B
Reloaded the Certificates in all Certificate Stores successfully.
2 18:50:12.609 01/22/07 Sev=Warning/2 CVPND/0xA3400015
Error with call to IpHlpApi.DLL: DeleteIpForwardEntry, error 1413
Vi prego aiuto! Cosa può essere? Perchè su 56k và e dietro router no?