Solved: interface Virtual-Template down status down protocole - Page 2

zsmo2372 · ‎07-24-2022

interface Virtual-Template down status down protocole

i try to create vpn

but in i set this command show ip int brife

interface Virtual-Template is down status down protocole

how i can make it up

this vpn is not workign good . no ping for any ip

Current configuration : 2685 bytes
!
! Last configuration change at 00:12:15 AST Wed Jul 20 2022
!
version 16.8
service timestamps debug datetime msec
service timestamps log datetime localtime
service password-encryption
platform qfp utilization monitor load 80
no platform punt-keepalive disable-kernel-core
!
hostname router1
!
boot-start-marker
boot-end-marker
!
!
logging buffered 10000
enable secret 5 *******************************
enable password 7 *******************************
!
aaa new-model
!
!
aaa authentication login telnet local
aaa authentication ppp default local
aaa authorization network default local
!
!
!
!
!
!
aaa session-id common
clock timezone AST 3 0
!
ip dhcp excluded-address 192.168.1.1 192.168.1.10
ip dhcp excluded-address 192.168.1.110 192.168.1.160
ip dhcp excluded-address 192.168.1.230
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 212.43.18.22 95.66.18.22
!
!
!
!
!
!
!
!
!
!
subscriber templating
!
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group SUP
! Default L2TP VPDN group
! Default PPTP VPDN group
accept-dialin
protocol any
virtual-template 8
no l2tp tunnel authentication
!
!
!
!
!
!
license udi pid ISR4221/K9 sn FGL2416LVKH
no license smart enable
diagnostic bootup level minimal
!
spanning-tree extend system-id
!
!
!
username ******************************* privilege 15 password 7 *******************************
!
redundancy
mode none
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0/0
no ip address
negotiation auto
!
interface GigabitEthernet0/0/0.900
description WAN-Internet
encapsulation dot1Q 900
ip address 172.17.77.174 255.255.255.252
ip nat outside
!
interface GigabitEthernet0/0/1
description LAN-Internet
ip address 192.168.1.1 255.255.255.0 secondary
ip address 31.214.xxx.xxx 255.255.255.248 >> remote ip
ip nat inside
negotiation auto
ip virtual-reassembly
!
interface Virtual-Template8
ip unnumbered GigabitEthernet0/0/1
ip nat inside
peer default ip address pool mvpnco
no keepalive
ppp authentication ms-chap-v2
ip virtual-reassembly
!
ip local pool mvpnco 192.168.1.109 192.168.1.120
ip nat pool LAN 31.214.xxx.xxx 31.214.xxx.xxx prefix-length 29
ip nat inside source static 192.168.1.10 31.214.23.146 extendable
ip nat inside source list 1 pool LAN overload
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip route 0.0.0.0 0.0.0.0 172.17.77.173 name Internet
!
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
!
!
!
!
!
control-plane
!
!
line con 0
password 7 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
transport input none
stopbits 1
line vty 0 4
password 7 13061E010803
transport input all
!
wsma agent exec
!
wsma agent config
!
wsma agent filesys
!
wsma agent notify
!
!
end

zsmo2372 · ‎07-24-2022

l2tp and pptp . no ping

MHM Cisco World · ‎07-24-2022

https://kb.iu.edu/d/aopy

this for Windows FW if it not allow ping you get timeout
if you want to test also use
telnet LO

zsmo2372 · ‎07-24-2022

i have try on windows and linux no ping

zsmo2372 · ‎07-24-2022

this proplem just on cisco ios 16 and 17 and 18 .

but on cisco ios 15 it is ping and working good

MHM Cisco World · ‎07-24-2022

telnet 192.168.2.1
from Win ?
share the output here

zsmo2372 · ‎07-24-2022

192.168.2.1 no connected to telnet

MHM Cisco World · ‎07-24-2022

ip local pool mvpnco 192.168.3.5 192.168.3.10
disconnect the client and connect again after change the IP address of Pool.
finally ping
also share
show ip route "hide the public IP"

zsmo2372 · ‎07-24-2022

no ping after change pool

show ip route

Gateway of last resort is 172.17.77.173 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 172.17.77.173
31.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C xxx.xxx.xxx.xxx/29 is directly connected, GigabitEthernet0/0/1
L xxx.xxx.xxx.xxx/32 is directly connected, GigabitEthernet0/0/1
L xxx.xxx.xxx.xxx/32 is directly connected, GigabitEthernet0/0/1
172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.17.77.172/30 is directly connected, GigabitEthernet0/0/0.900
L 172.17.77.174/32 is directly connected, GigabitEthernet0/0/0.900
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, GigabitEthernet0/0/1
L 192.168.1.1/32 is directly connected, GigabitEthernet0/0/1
192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Loopback2
L 192.168.2.1/32 is directly connected, Loopback2
192.168.3.0/32 is subnetted, 1 subnets
C 192.168.3.5 is directly connected, Virtual-Access2.1

MHM Cisco World · ‎07-24-2022

one more step
virtual-template
no ip nat inside
and Ping

zsmo2372 · ‎07-24-2022

no ping

MHM Cisco World · ‎07-24-2022

please share
print route of client

zsmo2372 · ‎07-24-2022

from windows cmd

ping 192.168.2.1 -i 192.168.3.5 >> timeout

from telent

ping 192.168.1.1 source 192.168.2.1

is good ping

and from telent ping 192.168.3.5 >> timeout

MHM Cisco World · ‎07-24-2022

disable the default gateway

and ping again

zsmo2372 · ‎07-24-2022

no ping after disable it

zsmo2372 · ‎07-24-2022