站点到站点 VPN:无法通过云在两个路由器之间 ping

网络工程 路由 虚拟专用网 数据包跟踪器
2022-02-10 17:55:30

我正在尝试模拟站点到站点 VPN。

这是我的网络的样子:

在此处输入图像描述

VPN隧道代表连接Technology center routerR1,运行配置Technology center router如下:

Current configuration : 1713 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname TCR
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO2901/K9 sn FTX1524158U
license boot module c2900 technology-package securityk9
!
!
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 2
!
crypto isakmp key cisco address 10.2.2.2
!
!
!
crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
!
crypto map VPN-MAP 10 ipsec-isakmp 
 description VPN connection to R1
 set peer 10.2.2.2
 set transform-set VPN-SET 
 match address 100
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 bandwidth 64000
 ip address 10.1.1.1 255.0.0.0
 clock rate 128000
 crypto map VPN-MAP
!
interface Serial0/0/1
 no ip address
 clock rate 2000000
 shutdown
!
interface FastEthernet0/1/0
 switchport mode access
!
interface FastEthernet0/1/1
 switchport mode access
 shutdown
!
interface FastEthernet0/1/2
 switchport mode access
 shutdown
!
interface FastEthernet0/1/3
 switchport mode access
 shutdown
!
interface Vlan1
 ip address 192.168.0.1 255.255.255.0
!
ip classless
!
ip flow-export version 9
!
!
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 192.168.4.0 0.0.0.255
!
!
!
!
!
line con 0
!
line aux 0
!
line 0/2/0 0/2/7
 login
!
line vty 0 4
 login
!
!
!
end

和运行配置R1

Current configuration : 1503 bytes
!
version 15.1
no service timestamps log datetime msec
no service timestamps debug datetime msec
no service password-encryption
!
hostname R1
!
!
!
!
!
!
no ip cef
no ipv6 cef
!
!
!
!
license udi pid CISCO2901/K9 sn FTX1524PZ05
license boot module c2900 technology-package securityk9
!
!
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 2
!
crypto isakmp key cisco address 10.1.1.1
!
!
!
crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
!
crypto map VPN-MAP 10 ipsec-isakmp 
 description VPN connection to TCR
 set peer 10.1.1.1
 set transform-set VPN-SET 
 match address 100
!
!
!
!
!
!
spanning-tree mode pvst
!
!
!
!
!
!
interface GigabitEthernet0/0
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface GigabitEthernet0/1
 no ip address
 duplex auto
 speed auto
 shutdown
!
interface Serial0/0/0
 bandwidth 64000
 ip address 10.2.2.2 255.0.0.0
 clock rate 128000
 crypto map VPN-MAP
!
interface Serial0/0/1
 no ip address
 clock rate 2000000
 shutdown
!
interface FastEthernet0/1/0
 switchport mode access
!
interface FastEthernet0/1/1
 switchport mode access
 shutdown
!
interface FastEthernet0/1/2
 switchport mode access
 shutdown
!
interface FastEthernet0/1/3
 switchport mode access
 shutdown
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
!
ip classless
!
ip flow-export version 9
!
!
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
!
!
!
!
!
line con 0
!
line aux 0
!
line 0/2/0 0/2/7
 login
!
line vty 0 4
 login
!
!
!
end

为什么不能互相ping通R1Technology center router

0个回答
没有发现任何回复~
其它你可能感兴趣的问题
上一篇VANET 中的街道感知路由与 V2V 通信之间的关系 下一篇具有重复子网的 VPN 隧道