CISCO VPN PPTP

youness hafid
Level 1

This is my schema and my configuration on the router. I configured a PPTP VPN: the remote workstation with an Internet connection connects to the VPN and takes an IP address (pool: 192.168.1.110 192.168.1.130), but it cannot reach the 192.168.1.0 network and cannot ping 192.168.1.100, the server on that network.


------------------ show running-config ------------------


Building configuration...

Current configuration : 4748 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
!
resource policy
!
no aaa new-model
memory-size iomem 20
no network-clock-participate slot 1 
no network-clock-participate wic 0 
ip subnet-zero
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.100
ip dhcp excluded-address 192.168.1.1 192.168.1.10
!
ip dhcp pool dhcp1
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1 
   dns-server 212.217.0.1 212.217.0.14 
!
!
ip cef
no ip ips deny-action ips-interface
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
 accept-dialin
  protocol pptp
  virtual-template 1
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
crypto pki trustpoint TP-self-signed-1655042984
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1655042984
 revocation-check none
 rsakeypair TP-self-signed-1655042984
!
!
crypto pki certificate chain TP-self-signed-1655042984
 certificate self-signed 01
  quit
username admin privilege 15 password 0 
!

!
!
!
!
interface ATM0/0
 no ip address
 no atm ilmi-keepalive
 dsl operating-mode auto 
!
interface ATM0/0.3 point-to-point
 pvc 8/35 
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
 duplex auto
 speed auto
!
interface BRI0/0
 no ip address
 shutdown
!
interface Serial1/0
 no ip address
 shutdown
 no fair-queue
!
interface Serial1/1
 no ip address
 shutdown
!
interface Serial1/2
 no ip address
 shutdown
!
interface Serial1/3
 no ip address
 shutdown
!
interface Virtual-Template1 
 ip unnumbered ATM0/0
 peer default ip address pool USER-POOL
 no keepalive
 ppp encrypt mppe 128
 ppp authentication ms-chap ms-chap-v2
!
interface Dialer0
 ip address 88.191.189.4 255.255.255.0
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap pap callin
 ppp chap hostname admin
 ppp chap password 0 123456
 ppp pap sent-username admin password 0 123456
!
ip local pool USER-POOL 192.168.1.110 192.168.1.130
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
ip http server
ip http authentication local
ip http secure-server
ip nat inside source list 1 interface Dialer0 overload
!
access-list 1 remark INSIDE_IF=FastEthernet0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 120 permit ip host 192.168.1.100 host 192.168.1.110
access-list 120 permit ip host 192.168.1.100 host 192.168.1.111
access-list 120 permit ip host 192.168.1.100 host 192.168.1.112
access-list 120 permit ip host 192.168.1.100 host 192.168.1.113
access-list 120 permit ip host 192.168.1.100 host 192.168.1.114
access-list 120 permit ip host 192.168.1.100 host 192.168.1.115
access-list 120 permit ip any host 192.168.1.110
access-list 120 permit ip any host 192.168.1.111
access-list 120 permit ip any host 192.168.1.112
access-list 120 permit ip any host 192.168.1.113
access-list 120 permit ip any host 192.168.1.114
access-list 120 permit ip any host 192.168.1.115
dialer-list 1 protocol ip permit
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 login
!
!
end


------------------ show stacks ------------------

4 Replies

Hi,

Modify your NAT ACL "access-list 1 permit 192.168.1.0 0.0.0.255"; I think it is causing the problem.

Try these ACLs:

access-list 100 deny ip 192.168.1.0 0.0.0.255  192.168.1.0 0.0.0.255

access-list 100 permit ip 192.168.1.0 0.0.0.255  any

If the problem still exists, then post the "show ip route connected" output.

HTH

Kazim Abbas

"Plz rate and select correct answer if post helpful"

Hi,

Thank you Kazim Abbas, but the problem still exists?!

 

 

Hi

 

show ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

     88.0.0.0/24 is subnetted, 1 subnets
C       88.191.189.0 is directly connected, Dialer0
     41.0.0.0/32 is subnetted, 1 subnets
C       41.141.0.1 is directly connected, Dialer0
C    192.168.1.0/24 is directly connected, FastEthernet0/0
S*   0.0.0.0/0 is directly connected, Dialer0

Hi;

 

I found the problem: "ip unnumbered ATM0/0" must be replaced with "ip unnumbered FA0/0"

My local network

 

Thank You
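
The mismatch found above can be caught by checking a saved configuration before deployment. The following is an added example, not part of the original thread: a small Python check that flags a Virtual-Template whose `ip unnumbered` source interface has no address, and, going slightly beyond the thread, one whose address pool lies outside that interface's subnet. The function names and the embedded sample (an excerpt constructed from the configuration posted above) are assumptions of this example, and interface names must be spelled in full as they appear in the running-config.

```python
import ipaddress
import re

# Constructed sample: the relevant lines of the configuration posted in the thread.
SAMPLE = """\
interface ATM0/0
 no ip address
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
interface Virtual-Template1
 ip unnumbered ATM0/0
 peer default ip address pool USER-POOL
ip local pool USER-POOL 192.168.1.110 192.168.1.130
"""

def parse(config):
    """Return ({interface: {'net', 'unnumbered', 'pool'}}, {pool: (first, last)})."""
    ifaces, pools, cur = {}, {}, None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            cur = ifaces.setdefault(m[1], {})
        elif m := re.match(r"ip local pool (\S+) (\S+) (\S+)", line):
            pools[m[1]] = (ipaddress.ip_address(m[2]), ipaddress.ip_address(m[3]))
        elif not line.startswith(" "):
            cur = None  # any other top-level line ends the interface block
        elif cur is not None:
            s = line.strip()
            if m := re.match(r"ip address (\S+) (\S+)$", s):
                cur["net"] = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
            elif m := re.match(r"ip unnumbered (\S+)", s):
                cur["unnumbered"] = m[1]
            elif m := re.match(r"peer default ip address pool (\S+)", s):
                cur["pool"] = m[1]
    return ifaces, pools

def check_templates(config):
    """Heuristic: the borrowed interface must have an address whose subnet covers the pool."""
    ifaces, pools = parse(config)
    findings = []
    for name, cfg in ifaces.items():
        if not name.startswith("Virtual-Template") or "unnumbered" not in cfg:
            continue
        src = cfg["unnumbered"]
        net = ifaces.get(src, {}).get("net")
        if net is None:
            findings.append(f"{name}: {src} has no IP address to borrow")
        elif cfg.get("pool") in pools and not all(a in net for a in pools[cfg["pool"]]):
            findings.append(f"{name}: pool {cfg['pool']} is outside {src} subnet {net}")
    return findings
```

Running `check_templates(SAMPLE)` reports the ATM0/0 problem; after changing the line to `ip unnumbered FastEthernet0/0` the list is empty.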
