Подскажите начинающему куда лезть !!! есть 2 циски 871 851 хотелось сделать vpn полазив по простору полез в инглишь маны сделл так вот по таким пунктам:Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
Configure Group Policy Information 5
Apply Mode Configuration to the Crypto Map 6
Enable Policy Lookup 6
Configure IPSec Transforms and Protocols 7
Configure the IPSec Crypto Method and Parameters 8
Apply the Crypto Map to the Physical Interface 9
Create an Easy VPN Remote Configuration 10
Verifying Your Easy VPN Configuration 11
Вот конф клиент
Current configuration : 1197 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname neron
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$lwUg$YDZt1xKFdyQtNeImhY31G.
enable password 4545
!
no aaa new-model
!
!
dot11 syslog
!
!
ip cef
ip name-server 8.8.8.8
!
!
!
!
!
!
crypto ipsec client ezvpn ezvpnclient
connect auto
group ezvpnclient key 423705
mode client
peer xx.xx.xx.xx
xauth userid mode interactive
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
shutdown
!
interface FastEthernet1
shutdown
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
ip address 192.168.5.25 255.255.255.0
ip nat outside
ip virtual-reassembly
speed auto
full-duplex
crypto ipsec client ezvpn ezvpnclient
!
interface Vlan1
no ip address
shutdown
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.5.1
!
ip http server
no ip http secure-server
ip dns server
ip nat inside source list 1 interface FastEthernet4 overload
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
password 4545
login
!
scheduler max-task-time 5000
end
вот сервер
---------------------------------------------------------
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname tarpeda
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$lulD$dFGfwA0JjpI4cYzDJ8Vwi.
enable password 423705
!
aaa new-model
!
!
aaa authentication login rtr-remote local
aaa authorization network rtr-remote local
!
!
aaa session-id common
!
!
dot11 syslog
ip cef
!
!
ip name-server 8.8.8.8
!
!
!
!
no spanning-tree vlan 2
username cisco privilege 15 password 0 cisco
username danil password 0 423705
!
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 480
!
crypto isakmp client configuration group rtr-remote
key 423705
dns 10.50.10.1
domain vpn22
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 1
set transform-set vpn1
reverse-route
!
!
crypto map duymap isakmp authorization list rtr-remote
!
crypto map dynmap isakmp authorization list rtr-remote
crypto map dynmap client configuration address respond
!
crypto map static-map 1 ipsec-isakmp dynamic dynmap
!
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
switchport access vlan 2
shutdown
!
interface FastEthernet2
shutdown
!
interface FastEthernet3
shutdown
!
interface FastEthernet4
description dianet
ip address xx.xx.xx.xx 255.255.255.248
ip access-group outside in
ip nat outside
ip nat enable
ip virtual-reassembly
speed auto
full-duplex
crypto map static-map
!
interface Vlan1
ip address 192.168.0.245 255.255.255.0
ip access-group inside in
ip nat inside
ip virtual-reassembly
!
interface Vlan2
description metro
ip address 192.168.5.25 255.255.255.0
ip access-group inside in
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface Dialer0
no ip address
!
ip local pool dynpool 30.30.30.20 30.30.30.30
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 xx.xx.xx.xx
!
no ip http server
no ip http secure-server
ip nat inside source list 1 interface FastEthernet4 overload
!
access-list 1 permit 192.168.0.0 0.0.0.255
no cdp run
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
password 423705
transport input telnet
!
scheduler max-task-time 5000
end
1) Как мне вручную интерфейс перезапустить ?
2) Народ подскажите где инфу рыть или всё на английском ,
Вариант для распечатки
on 23-Май-12, 15:08 
