سلام،
ارتباط بین دو نقطه A (روتر سیسکو 878 و از سمت مخابرات لایه 3 تنظیم شده) و B (روتر سیسکو 1841 که بستر وایرلس است) توسط MPLS برقرار است و تمامی منابع موجود در نقطه B از نقطه A در دسترس می باشد اما از نقطه B فقط میتونم به IP vlan1 روتر دسترسی داشته باشم.
ممنون میشم راهنمائی کنید.
تنظیم نقطه A
کد:
Building configuration...

Current configuration : 3307 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 878
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 warnings
!
no aaa new-model
!
resource policy
!
no ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
no ip name-server
no ip ips deny-action ips-interface
no ip rcmd domain-lookup
ip rcmd rcp-enable
ip rcmd remote-host sdmR496ccf93 192.168.0.100 L496ccf93 enable
ip rcmd remote-host sdmRc9a34aff 192.168.0.100 Lc9a34aff enable
ip rcmd remote-username sdmRc9a34aff
!
!
crypto pki trustpoint TP-self-signed-591316171
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-591316171
 revocation-check none
 rsakeypair TP-self-signed-591316171
!
!
crypto pki certificate chain TP-self-signed-591316171
 certificate self-signed 01
  3082023A 308201A3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 35393133 31363137 31301E17 0D303230 33303130 33303931 
  325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3539 31333136 
  31373130 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  C4635431 AF9A7EB3 1084ECD3 B90EBF21 D4F6D432 A6875075 41C81C26 46DA1061 
  311257D8 52A5E402 1EB6CFF0 F67D239B 34EFE055 96D8FF1D 68C4A342 BAF1B546 
  CB09069F 8393C3CF D52113FE A1148337 B504CA4B FAA87478 625354D0 0584E06C 
  6B1AFB7D 55DAE8E6 5D6C1FEC 460E31A8 DB46098B C5B66D36 9FDECDF3 6D9C38E7 
  02030100 01A36430 62300F06 03551D13 0101FF04 05300301 01FF300F 0603551D 
  11040830 06820438 37382E30 1F060355 1D230418 30168014 403BD483 09D6714D 
  60DD8DE7 970A7065 E75B9228 301D0603 551D0E04 16041440 3BD48309 D6714D60 
  DD8DE797 0A7065E7 5B922830 0D06092A 864886F7 0D010104 05000381 81006DF2 
  452AD068 0101FD26 A7B9A671 AC584710 342F9EB2 9D64FA33 ABDFC942 468826FA 
  7FB5C9F5 39D8369F 5EBE2FBD E398726F 6277FBC7 33782A04 EF46D86B 4901E4BF 
  434955D0 26A74720 9D822C56 9B9EDE1C C6D7B12F 5A19E37D D8723D66 0373AD89 
  23FFF4E3 EB12B345 41D14BEB A24AC897 D814940B 785C4F1E 949F1BFF DA63
  quit
username admin privilege 15 secret 5 $1$isBs$pmgnjVKhqP6jvL044kZvS/
archive
 log config
  hidekeys
!
!
controller DSL 0
 mode atm
 line-term cpe
 line-mode 4-wire standard
 dsl-mode shdsl symmetric annex B
 line-rate 4096
! 
!
!
!
interface BRI0
 no ip address
 shutdown
!
interface ATM0
 ip address 173.20.56.194 255.255.255.252
 ip virtual-reassembly
 no atm ilmi-keepalive
 pvc 0/35 
  encapsulation aal5snap
 !
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
 ip address 192.168.168.112 255.255.255.0
 ip virtual-reassembly
!
ip classless
ip route 0.0.0.0 0.0.0.0 173.20.56.193 permanent
!
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
!
access-list 1 permit 173.17.7.22
access-list 1 permit 11.1140.1.0 0.0.0.255
!
!
control-plane
!
!
line con 0
 no modem enable
 speed 115200
line aux 0
line vty 0 4
 privilege level 15
 login local
 transport input telnet ssh
!
scheduler max-task-time 5000
end
تنظیم نقطه B:
کد:
Building configuration...

Current configuration : 1704 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 1841
!
boot-start-marker
boot-end-marker
!
no logging buffered
enable secret 5 $1$asRG$JhJoBzftidgDf./ynrABM/
!
aaa new-model
!
!
aaa authentication login default local
!
aaa session-id common
memory-size iomem 15
ip cef
!
!
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
username admin secret 5 $1$h98G$pOgM1z7Vnr35ZCAcisLbT.
!
!
! 
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac 
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac 
!
!
interface FastEthernet0/0
 description Ingress$ETH-LAN$
 ip address 11.140.1.112 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description Outgress$ETH-WAN$
 ip address 173.17.7.22 255.255.255.252
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 173.17.7.21
!
!
ip http server
no ip http secure-server
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 10.139.1.0 0.0.0.255 192.168.168.0 0.0.0.255
access-list 101 remark SDM_ACL Category=4
access-list 101 remark IPSec Rule
access-list 101 permit ip 10.139.1.0 0.0.0.255 192.168.168.0 0.0.0.255
!
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line vty 0 4
 exec-timeout 5 0
 logging synchronous
 transport input all
 escape-character 23
!
scheduler allocate 20000 1000
end




موضوعات مشابه: