En faite, j'utilise un domaine de routage RIP Version 2.

Dois je changer ce domaine de routage ?

Bonjour, 

J'ai essayer de joindre la configuration des 2 routeurs mais je n'ai pas pu le faire. 

S'il vous plait pouvez m'expliquer comment le faire.

Merci 

Je ne comprends pas...

--> J'ai essayer de joindre la configuration des 2 routeurs mais je n'ai pas pu le faire. 

?

Router 1

hostname R1
!
ip cef
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp key VPN.AL-zene#20@ address 10.1.1.2
!
crypto ipsec transform-set vpn-set esp-3des esp-md5-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 10.1.1.2
set transform-set vpn-set
match address vpn-traffic
!
interface FastEthernet0/0
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.1.1 255.0.0.0
ip nat outside
duplex auto
speed auto
crypto map vpn-map
!
router rip
version 2
network 10.0.0.0
network 192.168.1.0
no auto-summary
!
ip nat inside source list 100 interface FastEthernet0/1 overload
ip access-list extended vpn-traffic
permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any

Router 3

hostname R3
!
ip cef
!
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp key VPN.AL-zene#20@ address 10.1.1.1
!
crypto ipsec transform-set vpn-set esp-3des esp-md5-hmac
!
crypto map vpn-map 10 ipsec-isakmp
set peer 10.1.1.1
set transform-set vpn-set
match address vpn-traffic
!
interface FastEthernet0/0
ip address 192.168.2.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.1.1.2 255.0.0.0
ip nat outside
duplex auto
speed auto
crypto map vpn-map
!
router rip
version 2
network 10.0.0.0
network 192.168.2.0
no auto-summary
!
ip nat inside source list 100 interface FastEthernet0/1 overload
!
ip access-list extended vpn-traffic
permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.2.0 0.0.0.255 any

Bonjour, 

Apres que j'ai effectué ma configuration pour le VPN, je constate qu'il n'y a pas de trafics.

voila ce que j'obtiens comme résultat.

interface: FastEthernet0/1

Crypto map tag: vpn-map, local addr 10.1.1.1

protected vrf: (none)

local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)

remote ident (addr/mask/prot/port): (192.168.20.0/255.255.255.0/0/0)

current_peer 172.16.1.1 port 500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0

#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0

#pkts not decompressed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 10.1.1.1, remote crypto endpt.:172.16.1.1

path mtu 1500, ip mtu 1500, ip mtu idb FastEthernet0/1

current outbound spi: 0x0(0)

inbound esp sas:

Cordialement.

Bonjour,

il faut joindre les configurations des routeurs...(sh run)...