cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
407
Views
0
Helpful
0
Replies

Cant Access peers on VPDN VPN from LAN

robert.dorn
Level 1
Level 1

Hi at all!

I have a Cisco 876 Router, wich is connected to the internet via a second LTE Router on VLAN2. Routing and NAT works fine there for internet access. No i would like to use VPDN DialUP via pptp to my workplace. The connection is up and running but i can't access any of the remotes from lan. When i ping from the 871 console, everything is OK. I can't find the failure since 2 Days Attached my config.

192.168.15.1 is the LTE Router 192.168.0.0/24 is the Remote Site and 10.10.10.0/24 my LAN

version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
!
hostname yourname
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 51200 warnings
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-914059951
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-914059951
revocation-check none
rsakeypair TP-self-signed-914059951
!
!
crypto pki certificate chain TP-self-signed-914059951
certificate self-signed 01
<snip>
   quit
dot11 syslog
ip source-route
no ip gratuitous-arps
!
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.248
   default-router 10.10.10.1
   lease 0 2
!
!
ip cef
ip domain name yourdomain.com
ip name-server 192.168.15.1
no ipv6 cef
!
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group 1
!
vpdn-group PPTPC
request-dialin
  protocol pptp
  rotary-group 1
initiate-to ip <edited:wan ip> !
!
username admin privilege 15 secret 5 <snip> !
!
!
archive
log config
  hidekeys
!
!
no ip ftp passive
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl bitswap both
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
switchport access vlan 2
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.248
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
ip address 192.168.15.66 255.255.255.0
ip nat outside
ip virtual-reassembly
!
interface Dialer1
description ddr PPTP client inf
mtu 1400
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip tcp adjust-mss 1360
dialer in-band
dialer idle-timeout 60
dialer string 1
dialer string 123
dialer vpdn
dialer-group 1
no cdp enable
ppp encrypt mppe auto
ppp authentication ms-chap-v2 callin
ppp eap refuse
ppp chap hostname user
ppp chap password 0 password

ppp chap refuse
ppp ms-chap refuse
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 192.168.15.1
ip route <WAN OF VPN SERVER SNIP> 255.255.255.255 192.168.15.1
ip route 192.168.0.0 255.255.255.0 Dialer1
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
ip dns server
ip nat inside source list 1 interface Vlan2 overload
ip nat inside source route-map PPTPC interface Dialer1 overload
!
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.7
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
route-map PPTPC permit 10
match ip address 100
match interface Dialer1
!
!
control-plane
!
banner exec ^CC
-----------------------------------------------------------------------

!
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler max-task-time 5000
end

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: