|
- 社区积分
- 131
- 技术积分
- 1460
- 阅读权限
- 40
- 注册时间
- 2007-7-21
论坛徽章 2 |
楼主
发表于 2007-8-19 10:28
| 只看该作者
3620的PPTP拨号及VPN拨号配置
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname htc3620
!
aaa new-model
aaa authentication login userauth local
aaa authorization network groupauth local
enable secret 5 $1$xYcx$hdxZ6gKL.nYnY94i41uNb.
!
username cisco password 0 cisco
ip subnet-zero
!
!
!
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
crypto isakmp policy 3
authentication pre-share
group 2
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
crypto isakmp client configuration address-pool local ippool
!
!
crypto ipsec transform-set myset esp-des esp-sha-hmac
!
crypto dynamic-map dynmap 10
set transform-set myset
!
!
crypto map clientmap local-address FastEthernet1/1
crypto map clientmap client authentication list userauth
crypto map clientmap isakmp authorization list groupauth
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
call rsvp-sync
!
!
!
!
!
!
!
!
interface FastEthernet1/0
ip address 192.168.1.251 255.255.255.0
ip nat inside
duplex auto
speed auto
crypto map clientmap
!
interface FastEthernet1/1
ip address 221.12.26.234 255.255.255.240
ip nat outside
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered FastEthernet1/1
peer default ip address pool default
ppp encrypt mppe 40 stateful
ppp authentication chap pap ms-chap
!
ip local pool default 192.168.1.60 192.168.1.80
ip local pool ippool 192.168.30.1 192.168.30.10
ip nat translation tcp-timeout 300
ip nat translation udp-timeout 40
ip nat translation syn-timeout 10
ip nat translation icmp-timeout 10
ip nat translation max-entries 3500
ip nat pool cisco 221.12.26.234 221.12.26.234 netmask 255.255.255.240
ip nat inside source list 1 pool cisco overload
ip classless
ip route 0.0.0.0 0.0.0.0 218.108.34.65
ip route 0.0.0.0 0.0.0.0 221.12.26.235
ip route 192.168.1.0 255.255.255.0 192.168.1.254
ip route 192.168.2.0 255.255.255.0 192.168.1.254
ip route 192.168.3.0 255.255.255.0 192.168.1.254
ip route 192.168.4.0 255.255.255.0 192.168.1.254
ip route 192.168.5.0 255.255.255.0 192.168.1.254
ip route 192.168.6.0 255.255.255.0 192.168.1.254
ip route 192.168.7.0 255.255.255.0 192.168.1.254
ip route 192.168.8.0 255.255.255.0 192.168.1.254
ip route 192.168.9.0 255.255.255.0 192.168.1.254
ip route 192.168.10.0 255.255.255.0 192.168.1.254
ip route 192.168.11.0 255.255.255.0 192.168.1.254
ip route 192.168.20.0 255.255.255.0 192.168.1.254
ip route 192.168.21.0 255.255.255.0 192.168.1.254
ip route 192.168.22.0 255.255.255.0 192.168.1.254
no ip http server
! |
|
