这要看你的ADSL router是否支持穿透VPN,有些老路由是不支持的。
52437
我说的的是在ROUTEROS那边怎么办,和ADSL那边没有任何关系,ADSL那边可以解决! QUOTE(hp_811007 @ Jun 28 2005, 07:04 AM)
我说的的是在ROUTEROS那边怎么办,和ADSL那边没有任何关系,ADSL那边可以解决!
52456
既然不是很明白,说话就不要太绝对(尤其连手册都没看过):
1、ROS支持IPSEC的VPN
2、未必一定是ROS端出的问题
以下是手册内容:
Connecting a Remote Client via L2TP Tunnel
The following example shows how to connect a computer to a remote office network over L2TP
encrypted tunnel giving that computer an IP address from the same network as the remote office has
(without need of bridging over EoIP tunnels).
Please, consult the respective manual on how to set up a L2TP client with the software you are
using.
The router in this example:
Interface ToInternet 192.168.81.1/24
Interface Office 10.150.1.254/24
The client computer can access the router through the Internet.
On the L2TP server a user must be set up for the client:
ppp secret> add name=ex service=l2tp password=lkjrht
local-address=10.150.1.254 remote-address=10.150.1.2
ppp secret> print detail
Flags: X - disabled
0 name="ex" service=l2tp caller-id="" password="lkjrht" profile=default
local-address=10.150.1.254 remote-address=10.150.1.2 routes==""
ppp secret>
Then the user should be added in the L2TP server list:
interface l2tp-server> add name=FromLaptop user=ex
interface l2tp-server> print
Flags: X - disabled, D - dynamic, R - running
# NAME USER MTU CLIENT-ADDRESS UPTIME ENC...
0 FromLaptop ex
interface l2tp-server>
And the server must be enabled:
interface l2tp-server server> set enabled=yes
Page 70 of 537
interface l2tp-server server> print
enabled: yes
mtu: 1460
mru: 1460
authentication: mschap2
default-profile: default
interface l2tp-server server>
Finally, the proxy APR must be enabled on the 'Office' interface:
interface ethernet> set Office arp=proxy-arp
interface ethernet> print
Flags: X - disabled, R - running
# NAME MTU MAC-ADDRESS ARP
0 R ToInternet 1500 00:30:4F:0B:7B:C1 enabled
1 R Office 1500 00:30:4F:06:62:12 proxy-arp
interface ethernet>
L2TP Setup for Windows
Microsoft provides L2TP client support for Windows XP, 2000, NT4, ME and 98. Windows 2000
and XP include support in the Windows setup or automatically install L2TP. For 98, NT and ME,
installation requires a download from Microsoft (L2TP/IPsec VPN Client).
For more information, see:
Microsoft L2TP/IPsec VPN Client Microsoft L2TP/IPsec VPN Client
On Windows 2000, L2TP setup without IPsec requires editing registry:
Disabling IPsec for the Windows 2000 Client
Disabling IPSEC Policy Used with L2TP
Troubleshooting
Description
I use firewall and I cannot establish L2TP connection
Make sure UDP connections can pass through both directions between your sites.
My Windows L2TP/IPsec VPN Client fails to connect to L2TP server with "Error 789"
or "Error 781"
The error messages 789 and 781 occur when IPsec is not configured properly on both ends.
See the respective documentation on how to configure IPsec in the Microsoft L2TP/IPsec VPN
Client and in the MikroTik RouterOS. If you do not want to use IPsec, it can be easily
switched off on the client side. Note: if you are using Windows 2000, you need to edit system
registry using regedt32.exe or regedit.exe. Add the following registry value to
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Rasman\Parameters:
Value Name: ProhibitIpSec
Data Type: REG_DWORD
Value: 1
You must restart the Windows 2000 for the changes to take effect
For more information on configuring Windows 2000, see:
Configuring Cisco IOS and Windows 2000 Clients for L2TP Using Microsoft IAS
Disabling IPSEC Policy Used with L2TP
How to Configure a L2TP/IPsec Connection Using Pre-shared Key Authentication 我做的模式和你的 可以说是 一样的 我的连接可以成功的 PING通
ROS内网网段里的 所有运行主机的 IP地址 可就是网络邻居 找不到 机器 QUOTE(黑杰克 @ Jun 28 2005, 09:11 PM)
我做的模式和你的 可以说是 一样的 我的连接可以成功的 PING通
ROS内网网段里的 所有运行主机的 IP地址 可就是网络邻居 找不到 机器
52517
可以试一下vpn上建立Eoip连接 QUOTE(parphy @ Jun 28 2005, 04:29 PM)
QUOTE(hp_811007 @ Jun 28 2005, 07:04 AM)
我说的的是在ROUTEROS那边怎么办,和ADSL那边没有任何关系,ADSL那边可以解决!
52456
既然不是很明白,说话就不要太绝对(尤其连手册都没看过):
1、ROS支持IPSEC的VPN
2、未必一定是ROS端出的问题
52486
好象你说的和我问的不太一样呀,我说的是IPSEC而不是L2TP,你的L2TP的没有加密和认证,怎么和IPSEC一样呀???你看一下IPSEC和L2TP的区别吧!! L2TP支持IPSEC的 QUOTE(hp_811007 @ Jun 29 2005, 08:51 AM)
好象你说的和我问的不太一样呀,我说的是IPSEC而不是L2TP,你的L2TP的没有加密和认证,怎么和IPSEC一样呀???你看一下IPSEC和L2TP的区别吧!!
我觉得首先需要做的第一件事就是应该端正态度!
说让你看手册,你还不服气(你是否服气对我无所谓,但对你自己就有所谓)
给你贴出来提示了,你还不仔细看(我这样说你可能还不服气,反正我无所谓啦?)
IPSEC和L2TP的区别,无论如何谢谢你善意的提醒,不过,你好象更不清楚....
说了半天,我还是没告诉你答案,那是因为,我认为你真正需要的不应该只是答案,而是真正踏下心来,真正仔细去看手册 QUOTE(parphy @ Jun 29 2005, 10:48 AM)
我觉得首先需要做的第一件事就是应该端正态度!
说让你看手册,你还不服气(你是否服气对我无所谓,但对你自己就有所谓)
给你贴出来提示了,你还不仔细看(我这样说你可能还不服气,反正我无所谓啦?)
IPSEC和L2TP的区别,无论如何谢谢你善意的提醒,不过,你好象更不清楚....
说了半天,我还是没告诉你答案,那是因为,我认为你真正需要的不应该只是答案,而是真正踏下心来,真正仔细去看手册
52568
楼上大哥说的是,你有成功案例吗?小弟最近在研究这个,我的QQ:382841965有空交流一下! 嘿嘿。这里真热闹。。。路过看看。。。 QUOTE(hzkane @ Jun 29 2005, 02:05 PM)
嘿嘿。这里真热闹。。。路过看看。。。
52595
兄弟路过了也不来指导我一下!我郁闷好久了!!
页:
[1]
2