1. Home
  2. Virtual Private Networks
  3. Configuring a vpn with

Configuring a vpn with

I have some problems with the configuration of a ipsec VPN between a cisco 827 router and a Sonicwall 4060. The status of the tunnels is ok (IKE and IPSEC), but hosts doesn=B4t comunicate. The problem is problaby the nat or any access list, could someone help me??

Regards

This is the configuration:

---------------------------------------------------------------------------=

------------------------------------ Current configuration : 1762 bytes ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname testing ! enable secret 5 $1$tCeE$HbJVPnsXI0t5yO/BzN.Zu/ ! no aaa new-model ip subnet-zero ! ! ip audit notify log ip audit po max-events 100 no ftp-server write-enable ! ! ! ! crypto isakmp policy 15 encr 3des authentication pre-share group 2 lifetime 28800 crypto isakmp key 0 password address 83.97.195.248 ! crypto ipsec security-association lifetime seconds 28800 ! crypto ipsec transform-set strongsha esp-3des esp-sha-hmac ! crypto map tosonicwall 15 ipsec-isakmp set peer 83.97.195.248 set transform-set strongsha match address 115 ! ! ! ! interface Ethernet0 ip address 192.168.2.1 255.255.255.0 ip nat inside no ip mroute-cache no cdp enable hold-queue 100 out ! interface ATM0 no ip address no atm ilmi-keepalive dsl operating-mode auto ! interface ATM0.1 point-to-point ip address 217.127.73.218 255.255.255.192 ip nat outside pvc 8/32 encapsulation aal5snap ! crypto map tosonicwall ! interface FastEthernet1 no ip address duplex auto speed auto ! interface FastEthernet2 no ip address shutdown duplex auto speed auto ! interface FastEthernet3 no ip address shutdown duplex auto speed auto ! interface FastEthernet4 no ip address shutdown duplex auto speed auto ! ip nat inside source list 101 interface ATM0.1 overload ip classless ip route 0.0.0.0 0.0.0.0 ATM0.1 no ip http server no ip http secure-server ! access-list 101 permit ip 192.168.2.0 0.0.0.255 any access-list 115 permit ip 192.168.2.0 0.0.0.255 172.16.0.0 0.0.0.255 no cdp run ! line con 0 no modem enable line aux 0 line vty 0 4 password --------- login ! scheduler max-task-time 5000 ! end

Reply to
Pirri
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.