From: John Mistichelli (jmistichelli@xxxxxxxxx)
Date: Sun Jun 17 2001 - 07:16:22 GMT-3
Your access list is wrong. Try:
access-list 101 perm ip host 207.122.2.4 host
207.122.1.2
John Mistichelli
CCIE, CCSI, MCSE, CNE
--- Beklik@aol.com wrote:
> Hi,
>
> Has anyone worked on the Fatfid 393. I can not get
> it to work and the
> solution is not any help at all.
>
> Here is my config: for one router the other is the
> same. I am using 12.1 5.
>
> cryptoisakmp policy 25
> authentication pre-share
> cryptoisakmp key cisco1 address 207.122.1.2
> !
> !
> cryptoipsec transform-set myset esp-des esp-sha-hmac
> mode transport
> !
> !
> cryptomap 2_remote_site 10 ipsec-isakmp
> set peer 207.122.1.2
> set transform-set myset
> match address 101
> !
> !
> !
> interfaceLoopback0
> ip address 10.2.3.4 255.255.255.0
> no ip directed-broadcast
> !
> interfaceTunnel0
> ip address 10.1.254.2 255.255.255.252
> no ip directed-broadcast
> tunnel source 207.122.2.4
> tunnel destination 207.122.1.2
> crypto map 2_remote_site
> !
> interfaceEthernet0
> ip address 172.17.188.2 255.255.255.192
> no ip directed-broadcast
> !
> interfaceSerial0
> no shut
> ip address 207.122.2.4 255.255.255.240
> ip access-group 101 out
> no ip directed-broadcast
> no ip mroute-cache
> no fair-queue
> crypto map 2_remote_site
> !
> !
> interfaceTokenRing0
> no shut
> ip address 10.2.1.4 255.255.255.0
> no ip directed-broadcast
> ring-speed 16
> !
> routereigrp 10
> redistribute static
> network 10.0.0.0
> no auto-summary
> !
> routerrip
> network 207.122.2.0
> !
> ipclassless
> !
> access-list101 permit ip 10.1.0.0 0.0.255.255
> 10.2.0.0 0.0.255.255
>
>
> Thanks
>
> John
> **Please
> read:http://www.groupstudy.com/list/posting.html
>
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:25 GMT-3