11-07-2002 09:53 AM - edited 02-20-2020 09:19 PM
The ACL applied to the Group-Async1 interface isn't working.
I need to filter the traffic that isn't encrypted that points to the 192.168.10.11 IP address (Loopback 0).
This is the configuration:
interface Loopback0
 ip address 192.168.10.11 255.255.255.0
interface Group-Async1
 ip unnumbered Loopback0
 ip access-group 101 in
 ip nat inside
 encapsulation ppp
 ip tcp header-compression
 no logging event link-status
 async mode interactive
 peer default ip address pool ippool
 ppp max-bad-auth 3
 ppp callback accept
 ppp authentication chap pap ppp_users
 group-range 33 48
 crypto map empleado
access-list 101 permit esp 192.168.10.0 0.0.0.31 host 192.168.10.11
access-list 101 permit udp 192.168.10.0 0.0.0.31 host 192.168.10.11 eq isakmp
access-list 101 permit ip 192.168.2.0 0.0.0.31 11.0.0.0 0.255.255.255
access-list 101 deny ip any host 192.168.10.11
Note that I use nat inside on the Group-Async1 interface.
The router is a Cisco 2612; the version is 12.2(6r).
Thanks in advance
11-13-2002 08:52 AM
Which protocol are you using for authentication? If it's AH, I don't see a permit statement corresponding to it.
11-14-2002 04:27 AM
I am using ESP for everything.
I establish the connection OK. The problem is that I can't filter the traffic pointed to the Loopback 0. For example, I need to filter Telnet requests to this interface.
Thanks.
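Added example, not part of the thread: a small Python model of how an extended ACL is matched (top-down, first match wins, wildcard bits are "don't care", implicit deny at the end), loaded with access-list 101 as posted above. It models only ACL matching, not NAT or IPsec processing or the order in which the router applies them, and the packet source address is a constructed assumption.

```python
import ipaddress

# access-list 101 exactly as posted in the thread
ACL_101 = """\
access-list 101 permit esp 192.168.10.0 0.0.0.31 host 192.168.10.11
access-list 101 permit udp 192.168.10.0 0.0.0.31 host 192.168.10.11 eq isakmp
access-list 101 permit ip 192.168.2.0 0.0.0.31 11.0.0.0 0.255.255.255
access-list 101 deny ip any host 192.168.10.11
"""

PORTS = {"isakmp": 500, "telnet": 23}

def _addr(tokens):
    """Consume 'any' | 'host A' | 'A WILDCARD'; return (base, wildcard) ints."""
    t = tokens.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    if t == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0
    return int(ipaddress.IPv4Address(t)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse(text):
    rules = []
    for line in text.splitlines():
        tok = line.split()[2:]           # drop 'access-list 101'
        action, proto = tok.pop(0), tok.pop(0)
        src, dst = _addr(tok), _addr(tok)
        port = PORTS[tok[1]] if tok[:1] == ["eq"] else None
        rules.append((action, proto, src, dst, port, line))
    return rules

def _hit(addr, base, wildcard):
    # Wildcard bits set to 1 are "don't care"; all other bits must match.
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)

def evaluate(rules, proto, src, dst, dport=None):
    """Return (action, matching line); first match wins, implicit deny at end."""
    for action, rproto, rsrc, rdst, rport, line in rules:
        if (rproto in ("ip", proto) and _hit(src, *rsrc) and _hit(dst, *rdst)
                and rport in (None, dport)):
            return action, line
    return "deny", "(implicit deny)"

RULES = parse(ACL_101)
# Constructed packet (source address is an assumption): Telnet to Loopback0.
print(evaluate(RULES, "tcp", "192.168.10.5", "192.168.10.11", 23))
```

In this model the Telnet packet falls through the three permit entries and matches the explicit deny; whether the router evaluates the list against the packet before or after decryption and NAT is outside what the model covers.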