07-24-2022 04:01 PM - edited 07-24-2022 04:06 PM
interface Virtual-Template down status down protocole
i try to create vpn
but in i set this command show ip int brife
interface Virtual-Template is down status down protocole
how i can make it up
this vpn is not workign good . no ping for any ip
Current configuration : 2685 bytes
!
! Last configuration change at 00:12:15 AST Wed Jul 20 2022
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname router1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000
enable secret 5 *******************************
enable password 7 *******************************
!
aaa new-model
!
!
aaa authentication login telnet local
aaa authentication ppp default local
aaa authorization network default local
!
!
!
!
!
!
aaa session-id common
clock timezone AST 3 0
!
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.110 192.168.1.160
ip dhcp excluded-address 192.168.1.230
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 212.43.18.22 95.66.18.22
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group SUP
! Default L2TP VPDN group
! Default PPTP VPDN group
accept-dialin
protocol any
virtual-template 8
no l2tp tunnel authentication
!
!
!
!
!
!
license udi pid ISR4221/K9 sn FGL2416LVKH
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
!
username ******************************* privilege 15 password 7 *******************************
!
redundancy
mode none
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.900
description WAN-Internet
encapsulation dot1Q 900
ip address 172.17.77.174 255.255.255.252
ip nat outside
!
interface GigabitEthernet0/0/1
description LAN-Internet
ip address 192.168.1.1 255.255.255.0 secondary
ip address 31.214.xxx.xxx 255.255.255.248 >> remote ip
ip nat inside
negotiation auto
ip virtual-reassembly
!
interface Virtual-Template8
ip unnumbered GigabitEthernet0/0/1
ip nat inside
peer default ip address pool mvpnco
no keepalive
ppp authentication ms-chap-v2
ip virtual-reassembly
!
ip local pool mvpnco 192.168.1.109 192.168.1.120
ip nat pool LAN 31.214.xxx.xxx 31.214.xxx.xxx prefix-length 29
ip nat inside source static 192.168.1.10 31.214.23.146 extendable
ip nat inside source list 1 pool LAN overload
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.17.77.173 name Internet
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
line con 0
password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
transport input none
stopbits 1
line vty 0 4
password 7 13061E010803
transport input all
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end
Solved! Go to Solution.
07-24-2022 08:03 PM - edited 07-24-2022 08:05 PM
this after you disable the GW of remote?
you must do this step in VPN adapter
07-24-2022 08:07 PM
why not from the router ping the Windows
ping 192.168.3.5 source 192.168.2.1
see if it success
07-24-2022 08:09 PM
no ping from router
07-24-2022 08:12 PM
you must sure the client have correct IP
do show ppp all
before ping
07-24-2022 08:20 PM
yes it is converted to 3.6 and 3.7 and now it is 3.8
and this is
show ppp all
07-24-2022 08:24 PM
I know every time cleint lease the IP it ask new IP
just check the client IP and ping it from router
let see
07-24-2022 08:25 PM
it is timeout sir
07-24-2022 08:26 PM
just share the
print route
from the client win
07-24-2022 08:32 PM
can u tell me how print it as cmd command ?
07-24-2022 08:38 PM
07-25-2022 08:38 AM
I dont forget You friend
do select NO ENCRYPTION ?
07-25-2022 10:08 AM
on i connect vpn i have this
07-25-2022 11:19 AM
can you share the step you config the VPN in client ?
07-25-2022 12:56 PM
sir the error is not from client . i try anything in your mind in my client windows and it is error no ping
07-25-2022 01:24 PM
for client the Op is called L2TP/IPSEC then you must select encryption either
1- optional
2- no encryption
that in my mind
also
show vpdn tunnel l2tp packets
check the count of packet after the ping is it increase or not
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide