Hello experts,
I have a connection WS-C3560X-24T-L to the remote site over
VPN.
and I need to alow any traffic from my
inside network to address 172.16.1.1 .
All other traffic need to go over vpn.(other side of VPN 192.160.20.0)
interface GigabitEthernet0/0
ip address A.B.C.D 255.255.255.252
duplex auto
ip nat outside
speed auto
crypto map VPN_site
!
!
interface GigabitEthernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
duplex auto
speed auto
!
!
ip forward-protocol nd
!
ip nat pool IzlazTerminali interface
GigabitEthernet 0/0
ip nat inside source list out_1 pool EXIT
overload
!
ip route 0.0.0 .0
0.0.0.0 A.B.C.D1
!
ip access-list extended VPN_site
permit ip 192.168.1.0 0.0.0 .255
192.168.20.0 0.0.20.255
permit ip 192.168.1.0 0.0.0 .255
host .x.x.x.x
ip access-list extended out_1
permit ip 192.168.1.0 0.0.0 .255
host 172.16.1.1
but now there is no access to the internet
via vpn!!!
The supplier 3Anetwork.com can help but
their technical support charge is a bit high, so I would prefer to do by
myself.
Thanks for your help.
MsoN� l < X � �L� =EN-US>Answer:
No it won't. You need to use, a minimum of, 12.4(4)T. Pay attention to the "T" train.
Go here.
Look at the left-hand column.
Click the 12.4 > 12.4T and choose for
the IOS of your choice.
Please don't forget to rate our useful
posts.
I suppose the latest and greatest firmware
would be the most appropriate, in the 12.4 range, eg 12.4.24 T8(ED),
would you agree?
I can't make that decision for you. For me, I would. Read the Release Notes so you'll know what
open cavaets are still available.
When I speak to my supplier, they tell me
that support for this device is discontinued and that it is no longer available
for a new contract.
1841 is already End-of-Sale since 01
November 2010, however, you can try to get your vendor WS-C3560X-24T-S to download the IOS for
you.
没有评论:
发表评论