PaulVerstappen
Vendor
Hi.
I'm new here and I was wondering if someone could help me figure out why my vpdn clients have no access the internet when they are connected to our router at the office.
They use a windows dial in vpn to connect to a cisco 878 router. When they have connection to our office and they use the default gw at the remote site they can see everything on the remote network but the access to the internet is blocked. When I make a tracert of it stops at my default gw at the remote network.
Here is a copy of my config. I am a newbie as you can see in my config.
Ps. Whe don’t want to use cisco vpn client software only the windows dial in.
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
!
!
aaa session-id common
!
!
dot11 syslog
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.1.30.1 10.1.30.50
!
ip dhcp pool Vlan2
import all
network 10.1.30.0 255.255.255.0
default-router 10.1.30.1
lease 20
!
ip name-server 10.1.27.5
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group VPDN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
username "snip" privilege 15 secret 5 "snip"
username "snip" password 0 "snip"
!
!
archive
log config
hidekeys
!
!
controller DSL 0
mode atm
line-term cpe
line-mode 2-wire line-zero
dsl-mode shdsl symmetric annex B
line-rate auto
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
pvc 2/32
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
switchport access vlan 2
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Virtual-Template1
ip unnumbered Vlan2
peer default ip address pool defaultpool
no keepalive
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2
!
interface Vlan1
description Lan
ip address 10.1.27.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
description Telefonie
ip address 10.1.30.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
description --- Extern IP address ---
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
fair-queue
no cdp enable
ppp authentication chap callin
ppp pap sent-username "snip" password 0 "snip"
ppp ipcp dns request
!
ip local pool defaultpool 10.1.30.240 10.1.30.250
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
no ip http server
ip http authentication local
no ip http secure-server
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.1.27.151 80 "snip" 80 extendable
!
access-list 1 permit 10.1.27.0 0.0.0.255
access-list 1 permit 10.1.28.0 0.0.0.255
access-list 1 permit 10.1.30.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
end
I'm new here and I was wondering if someone could help me figure out why my vpdn clients have no access the internet when they are connected to our router at the office.
They use a windows dial in vpn to connect to a cisco 878 router. When they have connection to our office and they use the default gw at the remote site they can see everything on the remote network but the access to the internet is blocked. When I make a tracert of it stops at my default gw at the remote network.
Here is a copy of my config. I am a newbie as you can see in my config.
Ps. Whe don’t want to use cisco vpn client software only the windows dial in.
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
aaa new-model
!
!
aaa authentication login default local
aaa authentication ppp default local
!
!
aaa session-id common
!
!
dot11 syslog
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.1.30.1 10.1.30.50
!
ip dhcp pool Vlan2
import all
network 10.1.30.0 255.255.255.0
default-router 10.1.30.1
lease 20
!
ip name-server 10.1.27.5
!
multilink bundle-name authenticated
vpdn enable
!
vpdn-group VPDN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
username "snip" privilege 15 secret 5 "snip"
username "snip" password 0 "snip"
!
!
archive
log config
hidekeys
!
!
controller DSL 0
mode atm
line-term cpe
line-mode 2-wire line-zero
dsl-mode shdsl symmetric annex B
line-rate auto
!
!
!
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
!
interface ATM0
no ip address
no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
pvc 2/32
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
!
interface FastEthernet0
!
interface FastEthernet1
switchport access vlan 2
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Virtual-Template1
ip unnumbered Vlan2
peer default ip address pool defaultpool
no keepalive
ppp encrypt mppe auto required
ppp authentication ms-chap ms-chap-v2
!
interface Vlan1
description Lan
ip address 10.1.27.254 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Vlan2
description Telefonie
ip address 10.1.30.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1452
!
interface Dialer0
description --- Extern IP address ---
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248 secondary
ip address "snip" 255.255.255.248
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
fair-queue
no cdp enable
ppp authentication chap callin
ppp pap sent-username "snip" password 0 "snip"
ppp ipcp dns request
!
ip local pool defaultpool 10.1.30.240 10.1.30.250
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
no ip http server
ip http authentication local
no ip http secure-server
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.1.27.151 80 "snip" 80 extendable
!
access-list 1 permit 10.1.27.0 0.0.0.255
access-list 1 permit 10.1.28.0 0.0.0.255
access-list 1 permit 10.1.30.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
!
!
!
!
control-plane
!
!
line con 0
no modem enable
line aux 0
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
end
