f



Site to Site VPN #2 86105

Hello i need some help about configuration CISCO 1812.
We have established VPN between main office A and   branch office B.
And now all the traffic is secured. But I need on side A to establish
that clients from B can get only to one server and not all LAN.

Is this possible with Cisco 1812.

Thanks

B

0
4/1/2007 10:19:49 AM
comp.dcom.sys.cisco 25313 articles. 0 followers. Post Follow

2 Replies
670 Views

Similar Articles

[PageSpeed] 24

I suppose you must be using some access-list on VPN configuration and
you need to only allow te ip/server ip you want to
on access-list else drop.




On Apr 1, 3:19 pm, boris.ko...@gmail.com wrote:
> Hello i need some help about configuration CISCO 1812.
> We have established VPN between main office A and   branch office B.
> And now all the traffic is secured. But I need on side A to establish
> that clients from B can get only to one server and not all LAN.
>
> Is this possible with Cisco 1812.
>
> Thanks
>
> B


0
CK
4/2/2007 6:18:49 AM
Thanks for replay. I tought to that I need to do in ACL list but it
doesn't work.


 description Tunnel to xy
 set peer 217.16.87.246
 set security-association lifetime seconds 86400
 set transform-set ESP-3DES-SHA1 ESP-3DES-SHA
 match address 108

access-list 108 remark IPSec Rule
access-list 108 permit ip 10.0.0.0 0.0.0.255 10.98.0.0 0.0.255.255

Can you write how to drop it. I need only permisson to server with IP
10.0.0.4

B


On Apr 2, 8:18 am, "CK" <chetan.ka...@gmail.com> wrote:
> I suppose you must be using some access-list on VPN configuration and
> you need to only allow te ip/server ip you want to
> on access-list else drop.
>
> On Apr 1, 3:19 pm, boris.ko...@gmail.com wrote:
>
> > Hello i need some help about configuration CISCO 1812.
> > We have established VPN between main office A and   branch office B.
> > And now all the traffic is secured. But I need on side A to establish
> > that clients from B can get only to one server and not all LAN.
>
> > Is this possible with Cisco 1812.
>
> > Thanks
>
> > B


0
boris
4/2/2007 7:11:41 AM
Reply:

Similar Artilces:

site to site VPN CISCO PIX #2
I use a VPN site to site, PIX 515 to PIX 501. The access is 2 ways. Could I configure a priority through tunnel? I want to permit the access only PIX 515 to PIX 501 and deny for PIX 501 to 515. I used crypto map outside_map client configuration address initiate --for PIX 515 crypto map outside_map client configuration address respond --for PIX 501 But I have access in two ways !!! Could I use a command crypto ? Thank you ! silviumed In article <1146524343.471393.228570@v46g2000cwv.googlegroups.com>, <silviumed@gmail.com> wrote: >I use a VPN site to site, PIX 515 to PIX 50...

VPN Site To Site between a Cisco 831 and a bintec X1200 #2
Has anyone runs a Site To Site VPN tunnel between a cisco router and a bintec router ? ...

site-to-site vpn #2
show a sample configuration, there are two routers with two ISPs they set up a choice of providers in the fall of another, you need to connect 2 routers tunnel, in what way will be a choice on what sort of tunnel back to work, please give an example of working configuration. R1------------- isp1--------------R2 -------------isp2 -------------- "Slava" <1vasya1@gmail.com> wrote in message news:96d9a0ec-12fe-4495-ae8f-3847ed01d3d4@n6g2000vbg.googlegroups.com... > > show a sample configuration, there are two routers with two ISPs > they se...

site-2-site VPN
Hi everybody, I was asking about the S2S VPN lately, but have a bit different question now. What are the industry standards / best practices to securely connect two company branches? I was thinking of a VPN connection, but it does not allow one to connect two identical subnets e.g. 10.11.12.0/24 with 10.11.12.0/24. Is there a way to connect two offices via VPN and reduce or eliminate the possibility of subnet overlap? Thanks, AL ALeu schrieb: > I was asking about the S2S VPN lately, but have a bit different question > now. What are the industry standards / best practices to sec...

RE: Seeking Data Archiving (BACKUP) Suggestions (was: Re: VAX/VMS site) site)site) site) site)site)site) site)site) #2
-----Original Message----- From: Dave Froble [mailto:davef@tsoft-inc.com]=20 Sent: Thursday, August 17, 2006 12:23 AM To: Info-VAX@Mvb.Saic.Com Subject: Re: Seeking Data Archiving (BACKUP) Suggestions (was: Re: VAX/VMS site) site)site) site) site)site)site) site)site) Stanley F. Quayle wrote: > On 16 Aug 2006 at 14:42, Barry.Treahy@EmersonNetworkPower.com wrote: >> You might find the costs to migrate everything from the 4000/100 models >> to replacement CHARON 4000/108 emulated systems cost effect >=20 > Another CHARON-VAX possibility [Shameless Plug Alert (tm)] is to=20 ...

Site to site VPn tunnel and VPN tunnel #2
Whats is the difference? > Whats is the difference? the case of "N"? ...

Allow Cisco vpn client pool down a site to site VPN
Hi there, I was wondering if the following is possible? I am terminating a vpn client ( pool 10.10.10.0 /24 ) onto router A and allowing access to 192.168.100.0 /24 , this is router A's local lan. Router A also has a site to site VPN to router B. This is from net 192.168.100.0 /24 to 192.168.200.0 /24 This is as follows..... Remote Client 10.10.10.0 /24 | | 192.168.100.0 /24 | | ...

Vpn site to site + vpn cisco client access list problem.
Hi I have problem to get vpn site to site tunnel and the vpn client tunnel to work at the same time. How can I join access list 80 and 100 so i can add them to nat "(inside) 0 access-list 80" I got a pix 501 and 2620 and on the pix 501 It's accessible thugh Cisco VPN client. The config on the pix 501: : Written by admin at 15:32:22.817 CEDT Mon Aug 7 2006 PIX Version 6.3(5) interface ethernet0 100full interface ethernet1 100full nameif ethernet0 outside security0 nameif ethernet1 inside security100 enable password g4JAhKwvQDnczMDZ encrypted passwd g4JAhKwvQDnczMDZ encrypted ...

Cisco Site to Site VPN. Is it possible to join domain over VPN connection?
Hi guys, I am interested to know if you have two cisco routers, site to site vpn, if its possible to join a pc to the domain? I am able to ping and do a nslookup on the remote site, however when joining to a domain , it fails. El CiD wrote: > Hi guys, > > > I am interested to know if you have two cisco routers, site to site > vpn, if its possible to join a pc to the domain? > > I am able to ping and do a nslookup on the remote site, however when > joining to a domain , it fails. Yes. Your DNS and WINS settings given to the client on the ...

site to site VPN CISCO PIX
Hi, I use a VPN site to site, PIX 515 to PIX 501. The access is 2 ways. Could I configure a priority through tunnel? I want to permit the access only PIX 515 to PIX 501 and deny for PIX 501 to 515. It is possible ? Thanks. Yes. It is possible to do this with Cisco PIX. Normally when you configure site to site vpns, you also have to configure access-list. For the one you dont want traffic to go through you can put a deny rule blocking the traffic that you dont want to traverse. Alternatively you can also not include the unwanted traffic in the allow access-list. There is a easy cheatsheet ...

Site to Site VPN Problem #2
X-No-Archive: yes Hi Have a site to site VP N problem The network servers are Microsoft windows server both 200 and 2003. AT one remote site using an ASA to ASA VPN clients could pick up email from an exchange server buy not send email. The site with the exchange server cold VNC to the machine that could not send email When one browsed the network one could see only local machines. The domain controller at the remote site had lots of id event 1311 in the directory log. Machines could not connect to an SQL server using active directory credentials but could get to a web site on the ...

site 2 site vpn problems
Hello all, I'm having a problem with a site-to-site vpn tunnel between a cisco 871 and some d-link routers at branch locations. Once I installed the 871 I had the s2s tunnels up with what appeared to be no problem. On the 871 side I could connect to the remote branch equipment, however, from the remote branch side they could not connect back to the servers at corp, but they could ping anything. In my experience this is normally an MTU problem. Sadly when I went to configure the interface (FastEthernet4) with "ip mtu 1450", I got an error stating that the interface did not h...

Cisco 1700 Site-Site VPN
Hello, I'm trying to set up a Site to Site VPN with two Cisco 1700 Routers. But I didn't get it to fly. When the tunnel ist setup the routing doesn't work or other things. Here is what I want to do: 192.168.4.0/24 -- RouterA --- INTERNET --- RouterB -- 192.168.6.0/24 Router A and Router B have a static IP. Lets Say IPA and IPB. Here is my config of RouterB. RouterA locks mostly the same except it does Dialup so the interface on the outside is Dialer0. I didn't find the failer. Can someone plz help me out? Router config from Router B ============================ ! version 1...

site to site VPN CISCO PIX
Hello all, I use a VPN site to site, PIX 515 to PIX 501. The access is 2 ways. Could I configure a priority through tunnel? I want to permit the access only from PIX 515 to PIX 501 and deny from PIX 501 to 515. I used crypto map outside_map client configuration address initiate --for PIX 515 crypto map outside_map client configuration address respond --for PIX 501 But I have access in two ways !!! Could I use a command crypto ? Thank you ! silviumed In article <1146524836.593604.149240@g10g2000cwb.googlegroups.com>, <silviumed@gmail.com> wrote: >I use a VPN site to site,...

site to site vpn #2 481678
Hello all, We are currently terminating vpn connections from client sites in our dmz area and then letting their traffic pass through our firewall. The circuits and routers that the vpns terminate on are owned by the clients and are located at our facility. We are currently using the 10.0.0.0 address space and so are some of our clients. I can forsee a time when we might have a problem with this if a client has a host at 10.0.0.1 and if we have a host at 10.0.0.1 and we try to connect to the client's host our router will think the host is on the local subnet and not route the packet to the...

Site to Site VPN routing
I am trying to connect a Cisco 1841 router to a Nortel VPN Router 1010 via a IPSEC VPN tunnel. I actually have the tunnel up and running. My problem is that I cannot figure out how to tell the Cisco Router to route traffic from its private network to the private network on the Nortel Router. The Nortel Router seems to just route traffic to the Cisco Router's public interface and it works. If I put a static route in the Cisco Router to route to the Nortel Router's public interface, I get nothing. Any help would be appreciated. On Sep 21, 1:46 pm, peachma...@yahoo.com wrote: > I...

Site to Site VPN routing
I am trying to connect a Cisco 1841 router to a Nortel VPN Router 1010 via a IPSEC VPN tunnel. I actually have the tunnel up and running. My problem is that I cannot figure out how to tell the Cisco Router to route traffic from its private network to the private network on the Nortel Router. The Nortel Router seems to just route traffic to the Cisco Router's public interface and it works. If I put a static route in the Cisco Router to route to the Nortel Router's public interface, I get nothing. Any help would be appreciated. ...

How to Configure Site-to-Site VPN in Cisco Routers
Hi all, I have done a simplified step-by-step procedure to do site-to-site VPN. Please take a look at it and give me your notes. Is it clear and simple? did I miss something? How to Configure Site-to-Site VPN in Cisco Routers http://www.routergeek.net/content/view/50/37/ All feedback is welcomed. Regards, Mohammed ...

site to site vpn with internal NAT #2
Hello. I have a PIX 501. inside network = 192.168.1.0 255.255.255.0. I need to create a site to site IPSEC VPN through the external interface. on the remote side, there's already a LAN with 192.168.1.0, so they asked me to configure an internal NAT in my system so that when my 192.168.1.101 tries to contact a peer on the remote side, he will be identified as 192.168.48.49. Is this possible? if so - how? Thanks. In article <1131656242.987765.16140@g43g2000cwa.googlegroups.com>, Meni <meni.milstein@gmail.com> wrote: :I have a PIX 501. :inside network = 192.168.1.0 255.255.25...

Site-to-site VPN Cisco 1811
Thank you in advance for your help, experts. I have a family friend that owns a small company with 2 locations (10 pcs on one end, and 5 on the other). They have static IP addresses - their internet connection is a Wireless connection (DSL and Cable not available). He would like to setup some way for the PCs at both locations to be able to talk to each other. I am thinking about purchasing 2 x Cisco 1811 routers, connecting them to the ethernet connection provided by the wireless devices located at each location, and setting up a site- to-site VPN connection using these devices....

How to Configure Site-to-Site VPN in Cisco Routers
Hi all, I have done a simplified step-by-step procedure to do site-to-site VPN. Please take a look at it and give me your notes. Is it clear and simple? did I miss something? How to Configure Site-to-Site VPN in Cisco Routers http://www.routergeek.net/content/view/50/37/ All feedback is welcomed. Regards, Mohammed ...

How to Configure Site-to-Site VPN in Cisco Routers
Hi all, I have done a simplified step-by-step procedure to do site-to-site VPN. Please take a look at it and give me your notes. Is it clear and simple? did I miss something? How to Configure Site-to-Site VPN in Cisco Routers http://www.routergeek.net/content/view/50/37/ All feedback is welcomed. Regards, Mohammed Mohammed Alani wrote: > I have done a simplified step-by-step procedure to do site-to-site > VPN. Please take a look at it and give me your notes. Is it clear and > simple? did I miss something? Yes. You do not give the router models and IOS versions. Change the rout...

How to Configure Site-to-Site VPN in Cisco Routers
Hi all, I have done a simplified step-by-step procedure to do site-to-site VPN. Please take a look at it and give me your notes. Is it clear and simple? did I miss something? How to Configure Site-to-Site VPN in Cisco Routers http://www.routergeek.net/content/view/50/37/ All feedback is welcomed. Regards, Mohammed ...

Cisco 877 NAT and site-site VPN
Hello, Can you NAT a site-to-site VPN? I have a Cisco 877 which I have been using for internet access. My internal network 10.10.10.0/24 is hidden behind the router's static external IP address using NAT. Now I am trying to set up a VPN to another company, Their firewall is 199.99.99.99. Within their network I need to access computers in subnet 177.77.77.0/24 I set up the VPN using Cisco Security Device Manager (SDM) - This changed my NAT rule to use route-map so that the NAT and VPN would not conflict, This means that my internal addresses are not hidden from the other end of t...

Web resources about - Site to Site VPN #2 86105 - comp.dcom.sys.cisco

SpaceX postpones rocket launch until Thursday
SpaceX postponed until Thursday a launch to propel a communications satellite into a distant orbit, followed by another attempt to guide the ...

Sharp Agrees Takeover Bid From iPhone Maker Foxconn, Reports Say
(TOKYO) — Sharp Corp. agreed Thursday to a 489 billion yen ($4.4 billion) takeover by Taiwan’s Hon Hai Precision Industry Co., also known as ...

How to use Facebook Reactions without pissing everyone off
The new Facebook reactions are here and g one are the days of the simple "Like." You can now express your love, anger, laughter, surprise and ...

Google speeds news to smartphones, challenging Facebook
Google on Wednesday began delivering "blazingly fast" articles to smartphones and tablets in a stepped-up challenge to Facebook to be the leading ...

Kanye West ‘Borrowed’ Kim Kardashian’s Money And She Is Not Happy
The rumors that Kim Kardashian is going to divorce Kanye West are everywhere. While many say it is due to his Twitter rants, a source says that ...

With Siri coming to OS X, Apple is finally making the Mac exciting again
While Siri on the iPhone has improved dramatically over the past five years, Apple's intelligent personal assistant has remained conspicuously ...

Join Best Selling Author Shel Israel at the SMC San Francisco General Assembly
Join Social Media Club San Francisco on March 10 at General Assembly for a lively discussion about technology’s impact on business and life with ...

East Coast, Midwest Battered by Strong Storm Systems
Fox News East Coast, Midwest Battered by Strong Storm Systems ABC News Storms systems brought tornadoes to the East Coast, killing four in ...

Microsoft bought a company that makes porting apps easier
Microsoft is taking its relatively new role as a mobile app maker pretty seriously. So much so that it's bought Xamarin, a company that specializes ...

HTC Is Teasing Its Next Flagship Smartphone
The announcements that most people were looking forward to at the Mobile World Congress 2016 are done and dusted. LG and Samsung have both announced ...

Resources last updated: 2/25/2016 10:50:43 AM