Hi,
I have a vpn tunnel which works fine except that the client doesnt get a /24
subnet mask but a /8.
Can I force a /24 subnet on it?
Here is my config:
aaa new-model
!
aaa authentication login default local
aaa authentication login test none
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization reverse-access test none
aaa session-id common
ip subnet-zero
!
username student password 0 xxx
username student autocommand menu termserver
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 3
encr 3des
group 2
!
crypto isakmp client configuration group WG1_1
key juniper
pool SDM_POOL_1
acl 101
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
interface FastEthernet0/0
ip address 212.10.1.1 255.255.255.0
crypto map SDM_CMAP_1
!
interface FastEthernet2/0
ip address 10.1.1.100 255.255.255.0
!
ip local pool SDM_POOL_1 10.1.1.5 10.1.1.6
ip classless
!
access-list 101 permit ip any any
!
Thanks,
Abderrahim
Received on Sun Oct 11 2009 - 12:36:09 ART
This archive was generated by hypermail 2.2.0 : Sun Nov 01 2009 - 07:50:59 ART