VPN over Cisco ADSL 800 router

willemvwyk
Level 1

Hello

I am trying to allow a VPN connection through on a Cisco 800 ADSL router. I have amended the ACL to read

permit ip host 202.89.43.124 any eq 1723

and

permit ip any host 202.89.43.124 eq 1723

However this has still not helped. I cannot access my site remotely with VPN.

I have attached the ADSL router config.

Any help will be much appreciated

Thanks

willemvw


michael.leblanc
Level 4

Those Access Control Entries are not found in any of the ACLs in your configuration.

The ACEs were probably not accepted because you have specified the protocol as IP, rather than TCP or UDP.

Port 1723 is PPTP. Although I don't work with PPTP, I see no indication in your configuration that you require PPTP anyway. It appears to me that you are trying to establish standard Cisco VPN Client IPSec connections (which has not been clearly stated).

ACL 110 is currently not applied to any interface.

The most notable deficiency is the absence of "reverse-route" from your dynamic crypto map, which is required to provision a return path to the VPN Client by injecting a route into the routing table.

crypto dynamic-map outsidemap_dyn 10
 set transform-set 3DES-MD5
 reverse-route

You may also wish to amend your split tunneling ACL from:

Extended IP access list acl-SplitTunnel1
    10 permit ip 192.168.0.0 0.0.0.255 any

to:

Extended IP access list acl-SplitTunnel1
    10 permit ip 192.168.0.0 0.0.0.255 172.22.100.0 0.0.0.255
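
The three checks made in the reply above (a port operator on an ACE whose protocol is not TCP or UDP, an ACL that no interface references, a dynamic crypto map without reverse-route), as an added Python example that is not part of the original thread. The sample configuration, the interface name Dialer0, ACL 101 and the function names are constructed for illustration and are not taken from the poster's attached config.

```python
import re
# Constructed sample, not the poster's attached configuration.
SAMPLE_CONFIG = """\
crypto dynamic-map outsidemap_dyn 10
 set transform-set 3DES-MD5
!
interface Dialer0
 ip access-group 101 in
access-list 101 permit tcp any any established
access-list 110 permit ip any any
"""
PORT_OPS = {"eq", "neq", "gt", "lt", "range"}

def ace_port_error(ace):
    """Explain why an ACE with a port operator would be rejected, else None."""
    tokens = ace.split()
    if tokens and tokens[0].isdigit():       # drop a leading sequence number
        tokens = tokens[1:]
    if len(tokens) < 2 or tokens[0] not in ("permit", "deny"):
        return "not a permit/deny entry"
    used = sorted(PORT_OPS.intersection(tokens[2:]))
    # Only tcp and udp (the two the reply names) are treated as having ports.
    if used and tokens[1] not in ("tcp", "udp"):
        return f"protocol '{tokens[1]}' has no ports, so '{used[0]}' is invalid"
    return None

def acls_without_access_group(config):
    """Numbered or named ACLs that no interface references via ip access-group."""
    defined = set(re.findall(r"^access-list (\d+) ", config, re.M))
    defined |= set(re.findall(r"^ip access-list \w+ (\S+)", config, re.M))
    applied = set(re.findall(r"^ +ip access-group (\S+) (?:in|out)", config, re.M))
    return sorted(defined - applied)

def dynamic_maps_missing_reverse_route(config):
    """Dynamic crypto map entries whose body lacks the reverse-route command."""
    bodies, current = {}, None
    for line in config.splitlines():
        m = re.match(r"crypto dynamic-map (\S+) (\d+)", line)
        if m:
            current = f"{m.group(1)} {m.group(2)}"
            bodies[current] = []
        elif current and line.startswith(" "):
            bodies[current].append(line.strip())
        else:
            current = None
    return [name for name, body in bodies.items() if "reverse-route" not in body]

if __name__ == "__main__":
    print(ace_port_error("permit ip host 202.89.43.124 any eq 1723"))
    print(acls_without_access_group(SAMPLE_CONFIG), dynamic_maps_missing_reverse_route(SAMPLE_CONFIG))
```

An ACL used only for split tunneling, such as acl-SplitTunnel1, will also be listed by acls_without_access_group, which is expected because it is not meant to be applied to an interface.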