- A virtual community of network engineers
 Home  BookStore  StudyNotes  Links  Archives  StudyRooms  HelpWanted  Discounts  Login
VPN queries [7:118909] posted 03/13/2007
[Chronological Index] [Thread Index] [Top] [Date Prev][Date Next] [Thread Prev][Thread Next]

Hi guyz, i have a couple of queries regarding this technology and how they
usually implement.. I may sound stupid but i have no other option but to
ask... :-) first of all, i'd like to mention that its our org's best
practice that we use two cisco 831 routers at the customer premises and then
terminate this at the headend 7206 router in the data centre. we have been
sent the bootstrap config to tftp to the 2 c831 routers.
the initial configs for these 2 routers are keyed into the ISC server in
data centre. The first C831 acts as a internet screening router and blocks
internet attacks. the second router is the router that connects to the LAN
segment of the customer network and also acts ad a VPN router. so last
night, we tried bringing up the tunnel. first we turned on the screening
router. this connected back thru our adsl line to the ISC server in the data
centre and downloaded its initial config. then we turned on the vpn router
and even this router pulled its initial config from the ISC server. but the
certification process failed on vpn router. so a couple of steps were used
to figure out what the problem is.
Like checking the clock synchronization. then did a debug crypto pki trans
and messages. debug ip http server etc. frm wat we got to knw was dat ip
packets r generated from the vpn router, reaches the isc server and on its
way back goes to another IP that we r not aware of. does dis hav anything to
do with Natting from the ISP side. we r using dynamic addressing from the ISP.
another question i have is, that the configs i was sent includes ip
addresses for E0 interface. but there's no E0 interface physicall present on
the router. but when i do a sh ip int brief, it shows me E0,E1 and four fast
eth interfaces. But physically, only E1 and 4 fast eth's exist. Is this a
common thing in this series of routers. could this hav something to do with
the problem we r facing? oh im soo confused...

Message Posted at:
FAQ, list archives, and subscription info: