VPN с авторизацией по сертификатам
Ну наконец то! Наконец я это сделал! Опишу потом, пока конфиг version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname c2811 ! boot-start-marker boot-end-marker ! ! aaa new-model ! ! aaa authentication login default local aaa authentication login VPNUSERS local aaa authorization exec default local aaa authorization network VPNGROUP local ! aaa session-id common clock timezone MSK 3 clock summer-time MSK recurring last Sun Mar 2:00 last Sun Oct 3:00 ! ! ip cef ! ! ip domain name local ip name-server 192.168.0.1 ! ! voice-card 0 no dspfarm ! ! ! ! ! ! ! ! ! ! ! ! ! crypto pki server CA_cisco issuer-name CN=powerc OU=enginers C=RU grant auto lifetime certificate 1 ! crypto pki trustpoint CA_cisco revocation-check crl rsakeypair CA_cisco ! crypto pki trustpoint CALOCAL enrollment url http://192.168.0.101:80 serial-number subject-name ou=enginers revocation-check crl rsakeypair VPN_remote ! ! ! crypto pki c...