السلام عليكم الأخوة الأعزاء

يمكن أن تكون مشكلتي بسيطة ومن المؤكد أنها تكون مرت عليكم كثيرا ولكن بالنسبة لي قد تكون مشكلة كبيرة جداً
المشكلة بأختصار ... عندي روتر سيسكو 1941 بال Head office ومربوط بالفروع عن طريق VPN P2P وعلى هذا الروتر أتنين IP Address واحد ناشونال لربط الفروع مع نفس ISP وال IP الثاني أنترناشونال لربط فروع أخري مع ISP أخري وأيضا لربط مستخدمين خارج الشبكة وهنا تكمن مشكلتي :ah34: بأني أريد ربط مستخدمين خارج الشبكة بأستخدام Internationale IP
1- ماهي الخطوات اللازمة لعمل ذلك بالأضافة لخطوات Security الخاصة بهذا الربط
2- أن لاتكون الخطوات تتعارض مع الـ configuration الموجودة الأن على الروتر كما هو مبين فى الأتي

!
version 15.0
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname ---------------
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$DeHg$N77KXyn7adilL4.1AfY26/
!
no aaa new-model
clock timezone PCTime 3
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip domain timeout 30
multilink bundle-name authenticated
!
!
crypto pki trustpoint TP-self-signed-1148615062
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1148615062
revocation-check none
rsakeypair TP-self-signed-1148615062
!
!
8100CDB0 4089AC8F 0215AB72 EA013B45 C043E6DA 68E29AA7 E39E0452 BDC2A75C
BDC8592A 99CA0FE2 B52F57C3 34C374B4 95CA6230 A5A9F1FD 7B30801A EFE1E6B6
E3B04803 1BAFD62C BB45F21B 145B100D 7D9D7764 15141DDB 910C1286 9C92C560
763D8DCD 712F29AF D37AD7BD 8CC1FE31 489A066E 544BE1AD 5506F806 AAF90998
63010203 010001A3 7F307D30 0F060355 1D130101 FF040530 030101FF 302A0603
551D1104 23302182 1F64616D 6D616D2D 6D6F7573 612E6D73 2D667572 6E697475
72652D66 2E636F6D 301F0603 551D2304 18301680 141F3559 4970EE4C 04D34340
5CADAF7B 88961313 C3301D06 03551D0E 04160414 1F355949 70EE4C04 D343405C
ADAF7B88 961313C3 300D0609 2A864886 F70D0101 04050003 818100AD 2C3730FD
5842BD04 F85DAE37 1F3247C3 4C786914 2D835991 23737932 FAEDDA26 6D5AC8BF
BCC76B62 88329253 6D3ADA0E EF47D68E 7BD2245F F1FB3976 10C4B6CC 02EF3BD6
8ECD7C6D 39DC32B2 31669A8F 8CA3342C 07AD0B80 3D019F11 A8005481 A642FA42
F7D867D6 ED2FE849 A09DF61A 42AB4355 DA706DAD 062B1368 6CA255
quit
license udi pid CISCO1941/K9 sn FCZ1419C3HE
!
!
username admin privilege 15 password 7 1218011A1B05
!
!
ip tcp synwait-time 10
!
!
!
!
interface Tunnel10
description For ---------------------
ip address 10.10.10.1 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.132
!
interface Tunnel11
description For ----------------------
ip address 10.10.10.5 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.150
!
interface Tunnel12
description for----------------------------
ip address 10.10.10.9 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 78.93.0.205
tunnel destination 86.51.185.110
!
interface Tunnel13
description For------------------
ip address 10.10.10.13 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.158
!
interface Tunnel14
description for -------------------------
ip address 10.10.10.17 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.168
!
interface Tunnel15
description -------------------------------
ip address 10.10.10.21 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.170
!
interface Tunnel16
description Makkah -----------------------------
ip address 10.10.10.25 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.181
!
interface Tunnel17
description------------------------------
ip address 10.10.10.29 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 192.168.157.110
tunnel destination 212.116.213.184
!
interface Tunnel20
description For -------------------------
ip address 10.10.10.33 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 78.93.0.205
tunnel destination 46.240.64.198
!
interface Tunnel21
description For ------------
ip address 10.10.10.37 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 78.93.0.205
tunnel destination 46.240.65.210
!
interface Tunnel22
description For------------------------
ip address 10.10.10.41 255.255.255.252
ip flow ingress
keepalive 10 3
tunnel source 78.93.0.205
tunnel destination 85.194.82.150
!
!
interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address 78.93.0.205 255.255.255.252 secondary
ip address 192.168.157.110 255.255.255.252
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/1
description $ES_LAN$
ip address 172.16.1.254 255.255.0.0
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
shutdown
negotiation auto
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 192.168.157.109
ip route 0.0.0.0 0.0.0.0 78.93.0.204
ip route 123.0.0.0 255.0.0.0 Tunnel25
ip route 192.168.1.0 255.255.255.0 Tunnel10
ip route 192.168.2.0 255.255.255.0 Tunnel11
ip route 192.168.3.0 255.255.255.0 Tunnel12
ip route 192.168.4.0 255.255.255.0 Tunnel13
ip route 192.168.5.0 255.255.255.0 Tunnel14
ip route 192.168.6.0 255.255.255.0 Tunnel15
ip route 192.168.7.0 255.255.255.0 Tunnel16
ip route 192.168.8.0 255.255.255.0 Tunnel17
ip route 192.168.9.0 255.255.255.0 Tunnel21
ip route 192.168.10.0 255.255.255.0 Tunnel20
ip route 192.168.11.0 255.255.255.0 Tunnel22
!
logging trap debugging
!
!
!
control-plane
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------


Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.


It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.


username <myuser> privilege 15 secret 0 <mypassword>


Replace <myuser> and <mypassword> with the username and password you want to
use.


-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.


YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS


Here are the Cisco IOS commands.


username <myuser> privilege 15 secret 0 <mypassword>
no username cisco


Replace <myuser> and <mypassword> with the username and password you want
to use.


IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.


For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to https://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line vty 0 4
privilege level 15
password 7 06070B2C4540
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end



ولكم مني جزيل الشكر والتقدير