From: Wright, Jeremy (wright@admworld.com)
Date: Wed Apr 21 2004 - 09:43:27 GMT-3
extended
_____
From: Richard Dumoulin [mailto:richard.dumoulin@vanco.es]
Sent: Wednesday, April 21, 2004 3:38 AM
To: Wright, Jeremy; 'security@groupstudy.com'
Cc: 'ccielab@groupstudy.com'
Subject: RE: TED Help
Have you done extended pings from ethernet to ethernet ? Or do you have
routers plugged into both ethernet interfaces and pinged from them ?
--Richard
-----Original Message-----
From: Wright, Jeremy [mailto:wright@admworld.com <mailto:wright@admworld.com>
]
Sent: miircoles, 21 de abril de 2004 4:17
To: 'security@groupstudy.com'
Cc: 'ccielab@groupstudy.com'
Subject: TED Help
I can't see to get TED fired up. I pulled the info straight off CCO (minus
IP's) and no output on debug crypto isakmp,ipsec,engine. No hits on my ACL
either. Below are my configs. R1-R2(hub router)-R4
R1:
crypto isakmp policy 10
authentication pre-share
crypto isakmp key abc123 address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set ted-transforms esp-des esp-md5-hmac
!
crypto dynamic-map ted-map 10
set transform-set ted-transforms
match address 101
!
crypto map tedtag 10 ipsec-isakmp dynamic ted-map discover interface
FastEthernet0/0 ip address 192.168.15.1 255.255.255.0
interface Serial0/0
ip address 150.50.12.1 255.255.255.0
encapsulation frame-relay
frame-relay map ip 150.50.12.2 112 broadcast
no frame-relay inverse-arp
crypto map tedtag
ip route 0.0.0.0 0.0.0.0 150.50.12.2
access-list 101 permit ip 192.168.15.0 0.0.0.255 172.16.44.0 0.0.0.255
R2:interface Serial0.21 point-to-point
ip address 150.50.12.2 255.255.255.0
frame-relay interface-dlci 121
!
interface Serial0.24 point-to-point
ip address 150.50.24.2 255.255.255.0
frame-interface-dlci 124
ip route 172.16.44.0 255.255.255.0 150.50.24.4
ip route 192.168.15.0 255.255.255.0 150.50.12.1
R4:
crypto isakmp policy 10
authentication pre-share
crypto isakmp key abc123 address 0.0.0.0 0.0.0.0
!
crypto ipsec transform-set ted-transforms esp-des esp-md5-hmac
!
crypto dynamic-map ted-map 10
set transform-set ted-transforms
match address 101
!
crypto map tedtag 10 ipsec-isakmp dynamic ted-map discover interface Ethernet0
ip address 172.16.44.4 255.255.255.0 ! interface Serial0 ip address
150.50.24.4 255.255.255.0 encapsulation frame-relay frame-relay map ip
150.50.24.2 142 broadcast no frame-relay inverse-arp crypto map tedtag !
access-list 101 permit ip 172.16.44.0 0.0.0.255 192.168.15.0 0.0.0.255 ip
route 0.0.0.0 0.0.0.0 150.50.24.2
CONFIDENTIALITY NOTICE:
This message is intended for the use of the individual or entity to
which it is addressed and may contain information that is privileged,
confidential and exempt from disclosure under applicable law. If the reader
of this message is not the intended recipient or the employee or agent
responsible for delivering this message to the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
If you have received this communication in error, please notify us
immediately by email reply or by telephone and immediately delete this message
and any attachments. In the U.S. call us toll free at (800) 637-5843.
Spanish, French, French (Canada), Portuguese, Polish, German, Dutch,
Turkish, Russian, Japanese and Chinese:
http://www.admworld.com/confidentiality.htm
<http://www.admworld.com/confidentiality.htm> .
This archive was generated by hypermail 2.1.4 : Mon May 03 2004 - 19:48:51 GMT-3