千家论坛_弱电智能化技术与工程讨论(建筑智能,家居智能,人工智能)

路由交换
收藏本版 (7) |订阅

路由交换 今日: 3703 |主题: 18312|排名: 28 

发新帖
打印 上一主题 下一主题

请教有关vpn的问题,在线等,急...

[复制链接]
li8005 发布于: 2007-4-7 10:15 467 次浏览 1 位用户参与讨论
跳转到指定楼层

我公司用的是华为2621的路由器,设置如下:

[Router]dis cu
  Now create configuration...
  Current configuration
  !
    version 1.74
    local-user admin service-type administrator password simple admin
    local-user yb service-type ppp password simple yb
    l2tp enable
    ip pool 1 192.168.0.100 192.168.0.150
    firewall enable
    aaa-enable
    aaa accounting-scheme optional
  !
  acl 2000 match-order auto
    rule normal permit source 192.168.0.2 0.0.0.0
    rule normal permit source 192.168.0.1 0.0.0.0
    rule normal permit source 192.168.0.3 0.0.0.0
    rule normal permit source 192.168.0.4 0.0.0.0
    rule normal permit source 192.168.0.5 0.0.0.0
    rule normal permit source 192.168.0.6 0.0.0.0
    rule normal permit source 192.168.0.7 0.0.0.0
    rule normal permit source 192.168.0.8 0.0.0.0
    rule normal permit source 192.168.0.9 0.0.0.0
    rule normal permit source 192.168.0.10 0.0.0.0
    rule normal permit source 192.168.0.11 0.0.0.0
    rule normal permit source 192.168.0.12 0.0.0.0
    rule normal permit source 192.168.0.13 0.0.0.0
    rule normal permit source 192.168.0.14 0.0.0.0
    rule normal permit source 192.168.0.15 0.0.0.0
    rule normal permit source 192.168.0.16 0.0.0.0
    rule normal permit source 192.168.0.17 0.0.0.0
    rule normal permit source 192.168.0.18 0.0.0.0
    rule normal permit source 192.168.0.19 0.0.0.0
    rule normal permit source 192.168.0.20 0.0.0.0
    rule normal deny source any
  !
  acl 3001 match-order auto
    rule normal deny tcp source any destination any destination-port equal 445
  !
  acl 3002 match-order auto
    rule normal deny tcp source any destination any destination-port equal 5554
  !
  acl 3003 match-order auto
    rule normal deny tcp source any destination any destination-port equal 9996
  !
  acl 3004 match-order auto
    rule normal deny tcp source any destination any destination-port equal 135
    rule normal deny tcp source any destination any destination-port equal 136
    rule normal deny tcp source any destination any destination-port equal 137
    rule normal deny tcp source any destination any destination-port equal 138
    rule normal deny tcp source any destination any destination-port equal 139
    rule normal deny tcp source any destination any destination-port equal 443
    rule normal deny udp source any destination any destination-port equal 135
    rule normal deny udp source any destination any destination-port equal 136
    rule normal deny udp source any destination any destination-port equal 445
    rule normal deny tcp source any destination any destination-port equal 445
    rule normal deny udp source any destination any destination-port equal netbi
os-ns
    rule normal deny udp source any destination any destination-port equal netbi
os-dgm
    rule normal deny udp source any destination any destination-port equal netbi
os-ssn
  !
  interface Aux0
    async mode flow
    link-protocol ppp
  !
  interface Ethernet0
    ip address 192.168.0.88 255.255.255.0
    firewall packet-filter 3004 inbound
    firewall packet-filter 3003 inbound
    firewall packet-filter 3002 inbound
    firewall packet-filter 3001 inbound
    firewall packet-filter 3001 outbound
  !
  interface Ethernet1
    ip address 220.166.123.x 255.255.255.0
    nat outbound 2000 interface
    nat server global 220.166.123.x www inside 192.168.0.3 www tcp
    nat server global 220.166.123.x 5632 inside 192.168.0.11 5632 tcp
    nat server global 220.166.123.x 5631 inside 192.168.0.11 5631 tcp
    nat server global 220.166.123.x 1433 inside 192.168.0.3 1433 tcp
  !
  interface Serial0
    link-protocol ppp
  !
  interface Serial1
    link-protocol ppp
  !
  interface Virtual-Template1
    link-protocol ppp
    ppp authentication-mode chap
    remote address pool 1
    ip address unnumbered Ethernet0
  !
  l2tp-group 1
  ! Default L2TP group
    allow l2tp virtual-template 1
    mandatory-lcp
    mandatory-chap
    tunnel name yb
    undo tunnel authentication
  !
  quit
  ip route-static 0.0.0.0 0.0.0.0 220.166.123.1 preference 60
  !
  return

[Router]

但是不能拔上VPN,不知道是怎么回事,请大家帮忙看看是设置上那里不对,还是工作站上设置不对,我是用XP系统自代的VPN拔号,提示:

错误800:不能正确琏接VPN。

望各位大大不吝赐教

[此贴子已经被作者于2007-4-7 10:19:37编辑过]
回复

使用道具 举报

已有1人评论

新浪微博达人勋

千家认证

沙发
li8005 发表于 2007-4-9 08:57:00
怎么没人回啊
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册 新浪微博登陆 千家通行证登陆

本版积分规则

千家智客微信号
千家智客微信
玩物说商城
玩物说商城