フレッツVPNワイド 端末型 メッシュ IPIPトンネル 失敗事例

フレッツVPNワイド 端末型払い出し メッシュ インターネット本社から接続の場合 IPIPトンネル。機器はYAMAHA RTX1210

C拠点設置の際にpingが通らなくて、configをチェック。

 

今回、C拠点側のステータスランプは消えているのに、pingが通らないという事象が発生し、原因の箇所を探る。通信会社サポートにてトンネルの確立のチェックはしてもらえるが、そこでは問題ないとの回答であったため、原因の切り分けで、センター側を疑い、箇所を見つける。

tunnel select

tunnel enableコマンド

でひとくみ

記述ミス。ひともじのミス!!

 

センター拠点

administrator password ******
ip route default gateway pp 2
ip route 192.168.1.0/24 gateway tunnel 1
ip route 192.168.2.0/24 gateway tunnel 2
ip route 192.168.4.0/24 gateway tunnel 3
ip route 192.168.5.0/24 gateway tunnel 4
ip route 192.168.100.1 gateway pp 1
ip route 192.168.100.2 gateway pp 1
ip route 192.168.100.3 gateway pp 1
ip route 192.168.100.4 gateway pp 1
ip route 192.168.100.5 gateway pp 1
ip lan1 address 192.168.3.250/24
pp disable all
pp select 1
description pp PRV/FGA_TERM/0:ngn
pp keepalive interval 30 retry-interval=30 count=12
pp always-on on
pppoe use lan2
pppoe auto disconnect off
pp auth accept pap chap
pp auth myname user01@cvn********** user01
ppp lcp mru on 1454
ppp ipcp ipaddress on
ppp ccp type none
ip pp mtu 1454
pp enable 1
pp select 2
description pp PRV/PPPoE/1:ocn
pp keepalive interval 30 retry-interval=30 count=12
pp always-on on
pppoe use lan2
pppoe auto disconnect off
pp auth accept pap chap
pp auth myname ********@***.***.**.** ******
ppp lcp mru on 1454
ppp ipcp ipaddress on
ppp ipcp msext on
ppp ccp type none
ip pp inbound filter list 1001 1002 1003 1004 1005 1006 1007 1008
ip pp nat descriptor 1100
pp enable 2
no tunnel enable all
tunnel select 1
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.1 192.168.100.2
ip tunnel tcp mss limit auto
tunnel enable 1
tunnel select 2
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.1 192.168.100.4
ip tunnel tcp mss limit auto
tunnel enable 2
tunnel select 3
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.1 192.168.100.3
ip tunnel tcp mss limit auto
tunnel enable 3
tunnel select 4
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.1 192.168.100.5
ip tunnel tcp mss limit auto
tunnel enable 4
nat descriptor type 1100 masquerade
dns server pp 2
dns server select 500002 pp 2 any . restrict pp 2
dns private address spoof on
statistics cpu on
statistics memory on

C拠点

administrator password ******
ip route default gateway tunnel 1
ip route 192.168.2.0/24 gateway tunnel 2
ip route 192.168.3.0/24 gateway tunnel 1
ip route 192.168.1.0/24 gateway tunnel 3
ip route 192.168.5.0/24 gateway tunnel 4
ip route 192.168.100.1 gateway pp 1
ip route 192.168.100.2 gateway pp 1
ip route 192.168.100.4 gateway pp 1
ip route 192.168.100.5 gateway pp 1
ip lan1 address 192.168.4.1/24
pp disable all
pp select 1
pp always-on on
pppoe use lan2
pp auth accept pap chap
pp auth myname user03@cvn********** user03
ppp lcp mru on 1454
ip pp address 192.168.100.3/32
ip pp mtu 1454
pp enable 1
no tunnel enable all
tunnel select 1
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.3 192.168.100.1
tunnel enable 1
tunnel select 2
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.3 192.168.100.4
tunnel enable 2
tunnel select 3
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.3 192.168.100.2
tunnel enable 3
tunnel select 4
tunnel encapsulation ipip
tunnel endpoint address 192.168.100.3 192.168.100.5
tunnel enable 4
tftp host any
dhcp service server
dhcp server rfc2131 compliant except remain-silent
dhcp scope 1 192.168.4.2-192.168.4.191/24
dns private address spoof on
dashboard accumulate traffic on

図を描いて復習とチェック。

 

 

 

 

メディアメソッドへの問い合わせ 守秘義務ご誓約書提出します メディアメソッド 藤塚 佳苗  長野市三輪9-5-13 TEL:026-219-2557 Fax:026-219-2558

mmblog

Posted by fujitsuka