Can you post your config for review please?

config of router or switch?

Sent from Cisco Technical Support iPhone App

Router please

aaa new-model

!

!

aaa authentication login auth1 local

aaa authorization network auth2 local

!

!        

aaa session-id common

!

!

dot11 syslog

ip source-route

!

!

ip dhcp excluded-address 192.168.10.200 192.168.10.254

!

ip dhcp pool PODNIK

   network 192.168.10.0 255.255.255.0

   default-router 192.168.10.1

   domain-name golfkravare.cz

   dns-server 194.228.41.65 194.228.41.113

!

ip dhcp pool HOST

   network 192.168.0.0 255.255.254.0

   domain-name golfkravare.cz

   default-router 192.168.0.1

   dns-server 194.228.41.65 194.228.41.113

!

!

ip cef   

no ip domain lookup

ip domain name golfkravare.cz

!

no ipv6 cef

multilink bundle-name authenticated

!

!

username martinik password 0 jM!ZgckR1996!dM

username service secret 5 $1$/Fvd$K34EfIc2.mxcfbh1cOYpp/

username vpn password 0 vpn

!

!

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp invalid-spi-recovery

!

crypto isakmp client configuration group vpn

key vpn123

dns 194.228.41.65 194.228.41.113

pool VPNPOOL

acl 101 

include-local-lan

netmask 255.255.255.0

!

!

crypto ipsec transform-set trs esp-3des esp-sha-hmac

!

crypto dynamic-map mydynmap 10

set transform-set trs

reverse-route

!

!

crypto map mymap client authentication list auth1

crypto map mymap isakmp authorization list auth2

crypto map mymap client configuration address respond

crypto map mymap 65535 ipsec-isakmp dynamic mydynmap

!

archive

log config

  hidekeys

!

!

ip ssh version 2

!        

class-map match-all HOST

match access-group 10

!

!

policy-map OMEZENI

class HOST

   police cir 2000000

!

!

!

!

interface ATM0

description ADSL

mtu 1452

no ip address

ip tcp adjust-mss 1452

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

description INTERNET

mtu 1452

ip tcp adjust-mss 1452

pvc 8/48

  pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

switchport access vlan 2

!

interface FastEthernet1

switchport access vlan 2

!

interface FastEthernet2

switchport access vlan 3

!

interface FastEthernet3

switchport access vlan 3

!

interface Vlan1

no ip address

!

interface Vlan2

ip address 192.168.10.1 255.255.255.0

ip mtu 1452

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

interface Vlan3

ip address 192.168.0.1 255.255.254.0

ip nat inside

ip virtual-reassembly

!

interface Dialer0

mtu 1452

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1400

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname O2

ppp chap password 0 O2

crypto map mymap

!        

ip local pool VPNPOOL 192.168.10.190 192.168.10.199

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer0

!

no ip http server

no ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

!

access-list 1 permit 192.168.0.0 0.0.255.255

access-list 10 permit 192.168.0.0 0.0.1.255

access-list 100 permit ip 192.168.0.0 0.0.1.255 any

access-list 101 permit ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255

!

!

!

!

!

control-plane

!

!

line con 0

logging synchronous

no modem enable

line aux 0

line vty 0 1

transport input ssh

line vty 2 4

!

scheduler max-task-time 5000

end

ok i will try but it is possible access to FTP server in 192.168.10.x subnet? When I will be for example in VPN ip adresses 10.0.0.x ?

Ok if I understand I am novice in using cisco

1) change the VPNPOOL to 10.0.0.1 10.0.0.50 or something more?

2) static route between 192.168.10.0/24 and 10.0.0.0/24

Thanks for your reply

Thanks! I was a long time with this problem!!