سلام،
ارتباط بین دو نقطه A (روتر سیسکو 878 و از سمت مخابرات لایه 3 تنظیم شده) و B (روتر سیسکو 1841 که بستر وایرلس است) توسط MPLS برقرار است و تمامی منابع موجود در نقطه B از نقطه A در دسترس می باشد اما از نقطه B فقط میتونم به IP vlan1 روتر دسترسی داشته باشم.
ممنون میشم راهنمائی کنید.
تنظیم نقطه A
کد:
Building configuration...
Current configuration : 3307 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 878
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
no ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip name-server
no ip ips deny-action ips-interface
no ip rcmd domain-lookup
ip rcmd rcp-enable
ip rcmd remote-host sdmR496ccf93 192.168.0.100 L496ccf93 enable
ip rcmd remote-host sdmRc9a34aff 192.168.0.100 Lc9a34aff enable
ip rcmd remote-username sdmRc9a34aff
!
!
crypto pki trustpoint TP-self-signed-591316171
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-591316171
revocation-check none
rsakeypair TP-self-signed-591316171
!
!
crypto pki certificate chain TP-self-signed-591316171
certificate self-signed 01
3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 35393133 31363137 31301E17 0D303230 33303130 33303931
325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3539 31333136
31373130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
C4635431 AF9A7EB3 1084ECD3 B90EBF21 D4F6D432 A6875075 41C81C26 46DA1061
311257D8 52A5E402 1EB6CFF0 F67D239B 34EFE055 96D8FF1D 68C4A342 BAF1B546
CB09069F 8393C3CF D52113FE A1148337 B504CA4B FAA87478 625354D0 0584E06C
6B1AFB7D 55DAE8E6 5D6C1FEC 460E31A8 DB46098B C5B66D36 9FDECDF3 6D9C38E7
02030100 01A36430 62300F06 03551D13 0101FF04 05300301 01FF300F 0603551D
11040830 06820438 37382E30 1F060355 1D230418 30168014 403BD483 09D6714D
60DD8DE7 970A7065 E75B9228 301D0603 551D0E04 16041440 3BD48309 D6714D60
DD8DE797 0A7065E7 5B922830 0D06092A 864886F7 0D010104 05000381 81006DF2
452AD068 0101FD26 A7B9A671 AC584710 342F9EB2 9D64FA33 ABDFC942 468826FA
7FB5C9F5 39D8369F 5EBE2FBD E398726F 6277FBC7 33782A04 EF46D86B 4901E4BF
434955D0 26A74720 9D822C56 9B9EDE1C C6D7B12F 5A19E37D D8723D66 0373AD89
23FFF4E3 EB12B345 41D14BEB A24AC897 D814940B 785C4F1E 949F1BFF DA63
quit
username admin privilege 15 secret 5 $1$isBs$pmgnjVKhqP6jvL044kZvS/
archive
log config
hidekeys
!
!
controller DSL 0
mode atm
line-term cpe
line-mode 4-wire standard
dsl-mode shdsl symmetric annex B
line-rate 4096
!
!
!
!
interface BRI0
no ip address
shutdown
!
interface ATM0
ip address 173.20.56.194 255.255.255.252
ip virtual-reassembly
no atm ilmi-keepalive
pvc 0/35
encapsulation aal5snap
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
ip address 192.168.168.112 255.255.255.0
ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 173.20.56.193 permanent
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
access-list 1 permit 173.17.7.22
access-list 1 permit 11.1140.1.0 0.0.0.255
!
!
control-plane
!
!
line con 0
no modem enable
speed 115200
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end
تنظیم نقطه B:
کد:
Building configuration...
Current configuration : 1704 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1841
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$asRG$JhJoBzftidgDf./ynrABM/
!
aaa new-model
!
!
aaa authentication login default local
!
aaa session-id common
memory-size iomem 15
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
username admin secret 5 $1$h98G$pOgM1z7Vnr35ZCAcisLbT.
!
!
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
!
interface FastEthernet0/0
description Ingress$ETH-LAN$
ip address 11.140.1.112 255.255.255.0
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
description Outgress$ETH-WAN$
ip address 173.17.7.22 255.255.255.252
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 173.17.7.21
!
!
ip http server
no ip http secure-server
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.139.1.0 0.0.0.255 192.168.168.0 0.0.0.255
access-list 101 remark SDM_ACL Category=4
access-list 101 remark IPSec Rule
access-list 101 permit ip 10.139.1.0 0.0.0.255 192.168.168.0 0.0.0.255
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
exec-timeout 5 0
logging synchronous
transport input all
escape-character 23
!
scheduler allocate 20000 1000
end
موضوعات مشابه: