Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
448
Views
0
Helpful
2
Replies

remote router not work

pcfreak49
Level 1
Level 1

‎03-27-2012 11:33 AM

I have a problem I can not connect to the remote router, how can you fix that?

is is the current running config


!
! Last configuration change at 20:35:58 UTC Tue Mar 27 2012 by Tim
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
!
!
!
!
!
aaa session-id common
!
clock timezone UTC 1
clock summer-time UTC recurring
clock calendar-valid
service-module wlan-ap 0 bootimage autonomous
!
crypto pki trustpoint TP-self-signed-1543950434
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1543950434
revocation-check none
rsakeypair TP-self-signed-1543950434
!
!
crypto pki certificate chain TP-self-signed-1543950434
certificate self-signed 01
  30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31353433 39353034 3334301E 170D3132 30333036 31393539
  34335A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 35343339
  35303433 3430819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100C36F 8A3BAC71 481BC354 EB274105 07D37E4F BD9CE8AA 7A5D60A4 974AB4AE
  6E4D60A2 60067AB8 0F63A755 0C6D8357 7BFB4F9E 00C01D4F EEE921C1 784B5780
  810C7D56 D3047AE5 25353CF8 72248830 FAB69DAA F1F0DC42 901E9B34 33D70CD9
  E3F584F2 CF0E4BF0 DD6212E3 6600923E E55F63A7 0FF4E900 EF486B0D 2F4929A2
  4F530203 010001A3 70306E30 0F060355 1D130101 FF040530 030101FF 301B0603
  551D1104 14301282 1052312E 63757273 6973742E 6C6F6361 6C301F06 03551D23
  04183016 80141244 691E3E8D 2F8A97D9 6863DA46 663A149C 7C34301D 0603551D
  0E041604 14124469 1E3E8D2F 8A97D968 63DA4666 3A149C7C 34300D06 092A8648
  86F70D01 01040500 03818100 4FB84303 1528BD91 B524C2E5 94A2C9CD 244F9452
  91373F09 25743A4B EB6CC809 3AA80E47 12F60A4F 3D4CB5E9 F00F99F5 84B9BD6C
  0F6741C2 C9CE299C 9785DFCF FDFCB220 BFABA24D 88A9F976 F6844240 CF4B3879
  53A30024 804758C8 D325930A 23112429 A74188F2 245950A0 7BD117A0 66D8C9EA
  DA483FDC 89949E0D 9CA99F73
   quit
ip source-route
!
!
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.20.1
ip dhcp excluded-address 10.10.30.1
ip dhcp excluded-address 10.10.40.1
ip dhcp excluded-address 10.10.50.1
ip dhcp excluded-address 10.10.60.1
ip dhcp excluded-address 10.10.70.1
ip dhcp excluded-address 10.10.80.1
ip dhcp excluded-address 10.10.90.1
ip dhcp excluded-address 10.10.100.1
ip dhcp excluded-address 10.10.101.1
ip dhcp excluded-address 10.10.102.1
!
ip dhcp pool Wired-CISCO_R1_100Mbps_Home
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 10.10.10.1
   lease infinite
!
ip dhcp pool Wireless-CISCO_R1_2.4GHZ_Private
   import all
   network 10.10.20.0 255.255.255.0
   default-router 10.10.20.1
   dns-server 10.10.20.1
   lease infinite
!
!
ip cef
ip domain name cursist.local
ip name-server 195.130.130.131
ip name-server 195.130.131.4
ip dhcp-server 195.130.137.3
ip dhcp-client update dns
no ipv6 cef
!
!
!
!
username Tim privilege 15 secret 5 $1$4rte$gH2/BK9Z3mKQI.owGI8eL.
username Cisco privilege 14 secret 5 $1$aLzA$TmjIxA44ohxtJMB9iccZZ/
!
!
!
!
ip ssh rsa keypair-name R1.cursist.local
ip ssh version 2
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 16
crypto isakmp key Cisco12345 address 84.197.160.170
!
crypto isakmp client configuration group vpn
key sdmsdm
pool SDM_POOL_1
netmask 255.255.255.0
!
!
crypto ipsec transform-set T1 ah-sha-hmac esp-aes 256 esp-sha-hmac comp-lzs
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile P1
set transform-set T1
!
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
!
!
interface Tunnel0
no ip address
!
interface Tunnel1
ip address 10.11.11.1 255.255.255.0
shutdown
tunnel source GigabitEthernet0
tunnel mode ipsec ipv4
tunnel destination 84.197.160.170
tunnel protection ipsec profile P1
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
isdn termination multidrop
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
!
interface FastEthernet5
!
interface FastEthernet6
!
interface FastEthernet7
!
interface FastEthernet8
ip address 84.196.169.102 255.255.240.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface GigabitEthernet0
ip address dhcp client-id GigabitEthernet0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map SDM_CMAP_1
!
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
arp timeout 0
!
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
!
interface Vlan1
description Wired CISCO_R1_100Mbps
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1460
!
interface Vlan2
description Wireless CISCO_R1_2.4GHZ_Private
ip address 10.10.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1460
!
!
!
ip local pool SDM_POOL_1 192.168.2.1 192.168.2.5
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip nat inside source list ACLG interface GigabitEthernet0 overload
ip nat inside source static tcp 10.10.20.1 513 interface GigabitEthernet0 6000
ip nat inside source static tcp 10.10.20.1 22 interface GigabitEthernet0 5000
ip nat inside source static tcp 10.10.10.1 23 interface GigabitEthernet0 8000
!
ip access-list extended ACLG
permit ip 10.10.10.0 0.0.0.255 any
permit ip 10.10.20.0 0.0.0.255 any
permit ip 10.10.30.0 0.0.0.255 any
permit ip 10.10.40.0 0.0.0.255 any
permit ip 10.10.50.0 0.0.0.255 any
permit ip 10.10.60.0 0.0.0.255 any
permit ip 10.10.70.0 0.0.0.255 any
permit ip 10.10.80.0 0.0.0.255 any
permit ip 10.10.90.0 0.0.0.255 any
permit ip 10.10.100.0 0.0.0.255 any
permit ip 10.10.101.0 0.0.0.255 any
permit ip 10.10.102.0 0.0.0.255 any
deny   ip host 10.10.255.1 host 10.20.255.1
!
logging 10.11.11.2
logging 10.20.10.1
no cdp run

!
!
!
!
!
!
!
control-plane
!
banner login 


This router is property of :

Tim Mees

Any unauthorized access or attempt to access is explicitly forbidden.

Contact:

Tim Mees
Pctechnician Networkadministrator Webmaster

!
line con 0
line 2
no activation-character
no exec
transport preferred none
transport input telnet ssh
transport output pad telnet rlogin udptn ssh
line aux 0
line vty 0 4
privilege level 15
transport input telnet rlogin ssh
line vty 5 15
privilege level 15
transport input telnet rlogin ssh
!
scheduler max-task-time 5000
ntp update-calendar
ntp server 65.55.21.16
end

Labels:
0 Helpful
2 Replies 2

Jeff Van Houten
Level 5
Level 5

‎03-27-2012 06:58 PM

Add the following

Config t

Line vty 0 15

Login local

Sent from Cisco Technical Support iPad App

0 Helpful

pcfreak49
Level 1
Level 1
In response to Jeff Van Houten

‎03-27-2012 11:53 PM

I used that but can not connect to the vpn router romote

0 Helpful
Customers Also Viewed These Support Documents