Je ne peux pas pinguer à mon intranet avec mon vpn

Fermé
sarahinf Messages postés 10 Date d'inscription dimanche 30 décembre 2012 Statut Membre Dernière intervention 14 février 2013 - 28 janv. 2013 à 13:52
Bonjour,
voila ma configuration je ne peux pas pinguer à mon serveur 10.16.1.x
dans un cisco 2800
hostname RT-VPN
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
no logging console
no logging monitor
!
username xxx privilege 15 secret 5 $1$j6WG.
username ddd privilege 15 password 78
username ddd password 7 1531021F0725
no network-clock-participate aim 0
no network-clock-participate aim 1
aaa new-model
!
!
aaa authentication login default local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login userauthen local
aaa authorization exec default local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
aaa authorization network sdm_vpn_group_ml_3 local
aaa authorization network groupauthor local
aaa session-id common
ip subnet-zero
!
!
ip cef
!
!
ip domain name domainelocal
ip ips po max-events 100
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto isakmp policy 100
encr 3des
authentication pre-share
group 2
crypto isakmp key douanes address 80.246.4.x
crypto isakmp key cisco123 address x.x.x.x no-xauth
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set MY_TRANSFORM_SET esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto map vpn_traffic 2 ipsec-isakmp
description VPN_TEST
set peer x.x.x.x
set transform-set ESP-3DES-SHA1
match address 101
crypto map vpn_traffic 10 ipsec-isakmp
set peer 80.246.4.x
set transform-set MY_TRANSFORM_SET
match address 100
!
!
!
!
interface GigabitEthernet0/0
description $ETH-LAN$
ip address 80.246.4.xx 255.255.255.224
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
crypto map vpn_traffic
!
interface GigabitEthernet0/1
description $ETH-LAN$
ip address y.y.y.y 255.255.255.252
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 80.246.4.xxx
ip route 10.16.0.0 255.255.0.0 y.y.y.1
!
ip http server
ip http authentication local
ip http secure-server
!
!
access-list 100 permit ip 10.16.0.0 0.0.255.255 10.170.8.0 0.0.7.255
access-list 101 permit ip 10.16.0.0 0.0.255.255 10.170.16.0 0.0.7.255
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line 1/0 1/15
line vty 0 4
privilege level 15
password 7 132130362A20230F19
transport input ssh
!
scheduler allocate 20000 1000
!
end
sachant que y.y.y.y est une adresse du lan et x.x.x.x adresse du 2éme lan(ou il ya le serveur intranet)