01-09-2012 12:00 PM
I'm trying to configure my home router to connect to my vpn at work so that I con do remote administration without needing to dial in each time. The connection will establish and my router obtains the correct negotiated IP address, but none of the resources are available on the remote network. I was wondering if anyone might be able to look at my config and see what i've got wrong:
Also, This config also shows the configuration for my PPTP dial-in... which is working fine.
Thanks in advance.
Rt1#sho ru
Building configuration...
Current configuration : 4779 bytes
!
! Last configuration change at 13:36:30 Chicago Mon Jan 9 2012 by mitch
! NVRAM config last updated at 13:36:31 Chicago Mon Jan 9 2012 by mitch
!
version 12.4
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service internal
!
hostname Rt1
!
boot-start-marker
boot-end-marker
!
logging buffered informational
logging console warnings
enable secret 5 <hidden>
!
aaa new-model
!
!
aaa authentication ppp default local
!
aaa session-id common
clock timezone Chicago -6
clock summer-time CDT recurring
no ip gratuitous-arps
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.101.1 192.168.101.100
ip dhcp excluded-address 192.168.102.1 192.168.102.100
ip dhcp excluded-address 192.168.100.1 192.168.100.105
!
ip dhcp pool HostPrivate
import all
network 192.168.100.0 255.255.255.0
dns-server 4.2.2.1 4.2.2.2
default-router 192.168.100.1
domain-name dns.name
!
!
!
ip cef
ip name-server 8.8.8.8
ip name-server 8.8.4.4
ip flow-egress input-interface
ip flow-cache entries 10000
ip multicast-routing
vpdn enable
vpdn logging
!
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip <ip of Remote RRAS Server>
!
vpdn-group Host
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
!
username <User> privilege 15 secret 5 <hidden>
!
!
!
!
!
!
interface Ethernet0
description HostPrivate
ip address 192.168.100.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip route-cache flow
!
interface Ethernet1
description WAN_Interface
ip address WAN IP
ip nat outside
ip route-cache flow
duplex auto
no cdp enable
!
interface Virtual-Template1
ip unnumbered Ethernet0
peer default ip address pool DIAL-IN
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2
!
interface Dialer0
ip address negotiated
ip pim dense-mode
ip nat outside
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 111
dialer vpdn
dialer-group 1
no peer neighbor-route
no cdp enable
ppp pfc local forbid
ppp pfc remote reject
ppp encrypt mppe auto
ppp eap refuse
ppp chap hostname <user>
ppp chap password <pass>
!
ip local pool DIAL-IN 192.168.100.60 192.168.100.65
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 <WAN Gateway>
ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 10.6.112.0 255.255.240.0 Dialer0
ip http server
no ip http secure-server
ip flow-capture mac-addresses
ip flow-export source Ethernet1
!
ip nat source route-map VPN interface Dialer0 overload
ip nat inside source list 1 interface Ethernet1 overload
ip nat inside source static udp 192.168.100.108 49177 interface Ethernet1 49177
ip nat inside source static udp 192.168.100.108 56123 interface Ethernet1 56123
ip nat inside source static tcp 192.168.100.108 56123 interface Ethernet1 56123
ip nat inside source static tcp 192.168.100.108 49177 interface Ethernet1 49177
ip nat inside source static tcp 192.168.100.30 9675 interface Ethernet1 9675
ip nat inside source static tcp 192.168.100.30 3389 interface Ethernet1 3389
ip nat inside source static udp 192.168.100.30 3389 interface Ethernet1 3389
ip nat inside source static tcp 192.168.100.30 8889 interface Ethernet1 8889
ip nat inside source static tcp 192.168.100.30 9901 interface Ethernet1 9901
ip nat inside source static udp 192.168.100.30 9901 interface Ethernet1 9901
ip nat inside source static udp 192.168.100.30 8889 interface Ethernet1 8889
ip nat inside source static udp 192.168.100.25 80 interface Ethernet1 8888
ip nat inside source static tcp 192.168.100.25 80 interface Ethernet1 8888
ip nat inside source static udp 192.168.100.30 57331 interface Ethernet1 57331
ip nat inside source static tcp 192.168.100.30 57331 interface Ethernet1 57331
!
access-list 1 permit 192.168.100.0 0.0.0.255
dialer-list 1 protocol ip permit
route-map INTERNET permit 10
match ip address 10
match interface Ethernet1
!
route-map VPN permit 10
match ip address 10
match interface Dialer0
!
!
control-plane
!
banner login ^C
------------------------------------
**Host Network**
------------------------------------
^C
!
line con 0
no modem enable
line aux 0
line vty 0 4
!
scheduler max-task-time 5000
sntp server 153.16.4.131
sntp server 207.171.7.152
end
Rt1#
Rt1#sho ip int br
Interface IP-Address OK? Method Status Protocol
Ethernet0 192.168.100.1 YES NVRAM up up
Ethernet1 <Wan IP Addr> YES DHCP up up
NVI0 unassigned NO unset up up
Virtual-Template1 192.168.100.1 YES TFTP down down
Dialer0 10.6.118.56 YES IPCP up up
Virtual-Access1 unassigned YES unset up up
Virtual-Access2 unassigned YES unset down down
Virtual-Access3 unassigned YES unset down down
Rt1#
Rt1#sh vpdn
%No active L2F tunnels
%No active L2TP tunnels
PPTP Tunnel and Session Information Total tunnels 1 sessions 1
LocID Remote Name State Remote Address Port Sessions VPDN Group
557 estabd <IP OF VPN> 1723 1 1
LocID RemID TunID Intf Username State Last Chg Uniq ID
557 40492 557 Vi1 estabd 00:10:15 0
Rt1#
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide