0 Пользователей и 1 Гость просматривают эту тему.
!crypto isakmp client configuration group EZVPN key ****** dns 192.168.1.250 domain prin.local pool EZVPN acl SPLIT_TUNNEL netmask 255.255.255.0!
crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2crypto isakmp client configuration address-pool local EZVPN!crypto isakmp client configuration group EZVPN key ****** dns 192.168.1.250 domain prin.local pool EZVPN acl SPLIT_TUNNEL!!crypto ipsec transform-set 3DES_MD5 esp-3des esp-md5-hmac!crypto dynamic-map DYNAMIC 10set transform-set 3DES_MD5reverse-routecrypto map CMAP client authentication list EZVPNcrypto map CMAP isakmp authorization list EZVPNcrypto map CMAP client configuration address respondcrypto map CMAP 1000 ipsec-isakmp dynamic DYNAMICinterface Vlan1 description LAN ip address 192.168.1.151 255.255.255.0 ip nat inside ip virtual-reassembly ip tcp adjust-mss 1452ip access-list extended NATusers permit ip 192.168.1.0 0.0.0.255 any deny ip 192.168.1.0 0.0.0.255 192.168.1.0 0.0.0.255ip access-list extended Outside permit ahp any host 212.100.140.115 permit icmp any any permit tcp any host 212.100.140.115 eq 22 permit udp any host 212.100.140.115 eq isakmp permit udp any host 212.100.140.115 eq non500-isakmp permit esp any host 212.100.140.115ip access-list extended SPLIT_TUNNEL permit ip 192.168.1.0 0.0.1.255 anyaccess-list 111 permit ip 192.168.1.0 0.0.0.255 any