01-20-2013 06:28 PM
what's wrong with my configuration but my device not' connected internet i use ubuntu LTS 12.04
cisco 1841
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash c1841-ipbasek9-mz.124-24.T.bin
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$eb9Q$7kMUF5Am0kVn/QXwssfrD/
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization network default local
!
!
aaa session-id common
dot11 syslog
no ip source-route
!
!
!
!
ip cef
ip name-server 202.134.1.10
ip name-server 202.134.0.155
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group PPTP
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
!
!
username ala***n password 7 051B131C2A4343
username fa***ul privilege 15 password 7 03520B59565F701C16594B51
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0/0
ip address 222.124.152.181 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description ====LOCAL=====
ip address 192.168.100.1 255.255.255.0
ip access-group 100 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface Virtual-Template1
description ##PPTP TUNNEL##
ip unnumbered FastEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
peer default ip address pool PPTP_POOL
no keepalive
ppp authentication pap chap ms-chap
ppp timeout idle 360
!
ip local pool PPTP_POOL 192.168.101.110 192.168.101.125
ip default-gateway 222.124.152.161
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 222.124.152.161
!
no ip http server
no ip http secure-server
!
ip nat pool fahrul 222.124.152.181 222.124.152.181 prefix-length 29
ip nat inside source list 77 pool fahrul overload
!
access-list 23 permit 10.10.20.0 0.0.0.255
access-list 77 permit 192.168.2.0 0.0.0.255
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 permit ip 192.168.100.0 0.0.0.255 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp host 203.197.12.30 eq domain host 121.243.96.154
access-list 101 permit ip 10.10.20.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 101 permit ip 10.10.10.0 0.0.0.255 192.168.100.0 0.0.0.255
access-list 101 deny ip 192.168.100.0 0.0.0.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip host 0.0.0.0 any
access-list 101 deny ip any any log
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
Solved! Go to Solution.
01-24-2013 11:36 PM
This inside network is also not in the NAT-definition. Add the following:
access-list 77 permit 192.168.100.0 0.0.0.255
Sent from Cisco Technical Support iPad App
01-20-2013 11:58 PM
Important things first:
Change your passwords immediately! You posted them in cleartext (type 7 IS cleartext) and knowing your name its likely that any bad boy can login to your router now.
Sent from Cisco Technical Support iPad App
01-21-2013 12:04 AM
And now regarding your problem:
Your NAT is wrong:
- On your outside interface Fa0/0 you need "ip nat outside".
- The NAT-list has to include the traffic from your PPTP pool:
access-list 77 permit 192.168.101.0 0.0.0.255
Sent from Cisco Technical Support iPad App
01-24-2013 11:05 PM
can you help me guys'
excuisme why my client can't internet access from my config
(INTERNET)-------->[ROUTER]---->[CLINET]
Clinet :
Ubuntu LTS 12.04
IP 192.168.100.2
Netmas 255.255.255.0
Gateway 192.168.100.1
DNS Server 202.134.1.10
Please help me
01-24-2013 11:36 PM
This inside network is also not in the NAT-definition. Add the following:
access-list 77 permit 192.168.100.0 0.0.0.255
Sent from Cisco Technical Support iPad App
01-24-2013 11:58 PM
i add
access-list 77 permit 192.168.100.0 0.0.0.255
not connect Internet CLIENT from ROUTER
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot system flash c1841-ipbasek9-mz.124-24.T.bin
boot-end-marker
!
logging message-counter syslog
enable secret 5 $1$eb9Q$7kMUF5Am0kVn/QXwssfrD/
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
aaa authorization network default local
!
!
aaa session-id common
dot11 syslog
no ip source-route
!
!
!
!
ip cef
ip name-server 202.134.1.10
ip name-server 202.134.0.155
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group PPTP
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
!
!
username alauddin privilege 15 secret 5 $1$G03q$UwzLwisLrlanVnh6VCVZE.
username fakhrul privilege 15 secret 5 $1$gOx9$FrpywAJZISgjnwBfs2nyj/
archive
log config
hidekeys
!
!
!
!
!
interface FastEthernet0/0
ip address 222.124.152.181 255.255.255.224
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
no mop enabled
!
interface FastEthernet0/1
description ===LOCAL===
ip address 192.168.100.1 255.255.255.0
ip access-group 100 in
ip flow ingress
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface Virtual-Template1
description ##PPTP TUNNEL##
ip unnumbered FastEthernet0/0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
peer default ip address pool PPTP_POOL
no keepalive
ppp authentication pap ms-chap ms-chap-v2
!
router rip
network 192.168.100.0
network 222.124.152.0
!
ip local pool PPTP_POOL 192.168.101.110 192.168.101.125
ip default-gateway 222.124.152.161
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 222.124.152.161
!
no ip http server
no ip http secure-server
!
!
ip access-list extended fahrul
remark SDM_ACL Category=18
permit ip 192.168.100.0 0.0.0.255 any
deny ip 192.168.100.0 0.0.0.255 222.124.152.165 0.0.0.24
deny ip 192.168.100.0 0.0.0.255 222.124.152.161 0.0.0.24
ip access-list extended vpn
permit ip 192.168.100.0 0.0.0.255 host 192.168.101.0
!
access-list 23 permit 10.10.20.0 0.0.0.255
access-list 77 permit 192.168.100.0 0.0.0.255
excuisme why my client can't internet access from my config
[CLINET]<-----[ROUTER]<----(INTERNET)
Clinet :
Ubuntu LTS 12.04
IP 192.168.100.2
Netmas 255.255.255.0
Gateway 192.168.100.1
DNS Server 202.134.1.10
Please help me
what's wrong with my config internal host client can't acces internet...
I really appreciate your help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide