cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
888
Views
0
Helpful
0
Replies

VPN and Remote desktop configuration troubles

haa
Level 1
Level 1

Hi all,

 

so I got a cisco router 880, which I wanna configure to get access to its network via vpn , and also configuring remote desktop connection to one of the server in my LAN from home.

 

I tried a lot of combines, and i admit I m not that good with cisco NAT, ACL and PATS. 

If anyone can help me figure the issue with my configuration below I would be gratefu:

 

Building configuration...

Current configuration : 2679 bytes
!
! Last configuration change at 16:16:38 UTC Tue Nov 28 2017
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname mloc
!
boot-start-marker
boot-end-marker
!
!
enable password <removed>
!
aaa new-model
!
!
aaa authentication login userauthen local
aaa authorization network groupauthor local
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!


!
!
!
!
ip domain name ***.com
ip cef
no ipv6 cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
license udi pid C881-K9 sn FCZ2102137X
!
!
username user password 0 <removed>
username cisco
!
!
!
!
!
!
!
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group vpnclient
key <removed>
dns 192.168.90.254
pool ippool
acl 101
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
mode tunnel
!
!
!
crypto dynamic-map dymap 10
set transform-set myset
reverse-route
!
!
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dymap
!
!
!
!
!
!
interface FastEthernet0
switchport access vlan 100
no ip address
duplex full
!
interface FastEthernet1
no ip address
!
interface FastEthernet2
no ip address
!
interface FastEthernet3
no ip address
!
interface FastEthernet4
description interface-wan
ip address 192.168.1.2 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
crypto map clientmap
!
interface Vlan1
no ip address
!
interface Vlan100
description vlan-operationnel
ip address 192.168.90.254 255.255.255.0
ip nat inside
no ip virtual-reassembly in
!
ip local pool ippool 192.168.100.1 192.168.100.15
ip forward-protocol nd
ip http server
no ip http secure-server
!
!
ip nat source list 2 interface FastEthernet4 overload
ip nat inside source list 111 interface FastEthernet4 overload
ip nat inside source static tcp 192.168.90.2 3399 "PUBLIC IP" 3399 extendable
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
!
access-list 2 permit 192.168.90.0 0.0.0.255
access-list 101 permit ip 192.168.90.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 111 deny ip 192.168.90.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 111 permit ip any any
!
!
!
control-plane
!
!
mgcp behavior rsip-range tgcp-only
mgcp behavior comedia-role none
mgcp behavior comedia-check-media-src disable
mgcp behavior comedia-sdp-force disable
!
mgcp profile default
!
!
!
!
!
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
transport input ssh
!
scheduler allocate 20000 1000
!
!
end

 

 

Thank you a lot !

0 Replies 0