- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- WAN Routing
- >
- IPsec site-to-site VPN MSR 900
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-22-2012 12:28 AM
тАО03-22-2012 12:28 AM
Re: IPsec site-to-site VPN MSR 900
Note that this is just for troubleshooting
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-28-2012 03:22 AM
тАО03-28-2012 03:22 AM
Re: IPsec site-to-site VPN MSR 900
Tested and worked.
acl number 3140
rule 0 permit ip source 192.168.236.0 0.0.0.255 destination 192.168.221.0 0.0.0.255
rule 1 permit ip source 192.168.236.0 0.0.0.255 destination 10.0.0.0 0.0.0.255
acl number 3150
rule 0 deny ip source any destination 192.168.221.0 0.0.0.255
rule 1 deny ip source any destination 10.0.0.0 0.0.0.255
rule 2 permit ip source 192.168.236.0 0.0.0.255
interface Ethernet0/0
port link-mode route
nat outbound 3150
ip address Y.Y.Y.Y 255.255.255.252
ipsec policy mlszs2s
dns server Y.Y.Y.X
ipsec policy mlszs2s 1 isakmp
connection-name mlsz_center
security acl 3140
ike-peer mlsz_center
proposal mlsz_globall
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО03-31-2012 10:14 PM
тАО03-31-2012 10:14 PM
SolutionHello
You can also try this:
Upgrade the firmware to the latest version (R2209) because it contains all the fixes and software updates from the previous versions and the command "ipsec no-nat-process enable" has been implemented again in version R2207P45.
I upgraded last night and the command is there.
Tell me if it works.
Regards,
Alex
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО07-08-2015 02:30 AM
тАО07-08-2015 02:30 AM
Re: IPsec site-to-site VPN MSR 900
need to deal with acl very carefully. otherwise our device or network maybe under attack.
- « Previous
-
- 1
- 2
- Next »