Re: Cisco VPN Client to IOS Using Local Extended Auth.

branko · ‎12-27-2005

Hi,

I tried to configure router 2801 to accept VPN Clients.

I'm working with the following example:

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801c4246.shtml

When I connect through VPN Client, the router give me address from IPpool, but I have no access to LAN (192.168.100.x)

What else I should do? (I'm pretty new at this area)

Thank You

jackko · ‎12-27-2005

the issue may be related to no nat.

try applying the codes below:

access-list 101 deny ip 192.168.100.0 0.0.0.255 14.1.1.0 0.0.0.255

access-list 101 permit ip 192.168.100.0 0.0.0.255 any

route-map nonat permit 10

match ip address 101

ip nat inside source route-map nonat interface Serial0/3/0 overload

branko · ‎12-28-2005

I tried, but still not working.

I'm sending how interesant part of configuration now look like.

Also, another question is why I can't log to router by telnet. I implement access-list 10 at line vty 0 4, and put my public ip address of router in it.

Message from remote side is: % Connection timed out; remote host not responding

I can ping it.

IOS version: c2801-advipservicesk9-mz.123-14.T5.bin

Thanks.

branko · ‎12-28-2005

Sorry jackko, it's working!!!

VPN

Still, if you can help me with this telnet access.

Thanks a lot!!!

attrgautam · ‎12-28-2005

Can you see if this works ? Just a try...

crypto isakmp client configuration group eurosan

key eur05an

domain

pool ippool

crypto dynamic-map dynmap 10

match address 108

set transform-set myset

Regards

Gautam