| All Categories |
Primers
VPN, Firewall, Security ... |
Guides
HowTo, Choosing a VPN ... |
Reference
Articles, FAQs, Whitepapers ... |
Standards
Architectures, Protocols ... |
Downloads
VPN, Firewall, Security ... |
Products & Services
Hardware, Software, Services |
| Organizations |
Business
Market Research, Law ... |
| Forums |
News
Archive, Events, Newsletters ... |
|
|
| |
| VPN labs is an open community for researching, testing, reviewing, and discussing Virtual Private Networks. Get trusted, unbiased advice on just about everything related to VPN. For more detail check: How to use this site. VPN Labs - VIRTUAL PRIVATE NETWORKS - Free VPN Software and Virtual Private Network News. |
|
|
|
|
asifkhanpk_01
Member since:
2009-07-24 23:56:59 |  posted: 2009-07-25 00:01:59
remote access VPN problem
----------
Dear friends
!
I am
continuously facing a
problem with my remote
access VPN. I am
successfully
authenticated with the
cisco router and i can
get an IP address from
the pool defined on the
router. My pool of IPs on
router is 192.168.5.10
------- 192.168.5.15. Let
suppose i get an IP
192.168.5.12 from the
pool, now i can only ping
to the default gateway of
router which is
192.168.4.254 but i can
not ping to other PCs or
Servers on local LAN in
Bahrain.
My
network scenario
is
Remote PC(with
VPN client
software)------------
-INTERNET--------Cisco
router(with remote vpn
configured)------------
-------Switch-----LAN
PCs[/b]
PLZ HELP
ME . . . . . .
My
configurations are
below
!
version
12.4
no service
pad
service timestamps
debug datetime
msec
service
timestamps log datetime
msec
no service
password-encryption
!<
br>hostname
BCCI
!
boot-start-m
arker
boot-end-marker<
br>!
logging buffered
51200
warnings
!
aaa
new-model
!
!
aa
a authentication login
default local
aaa
authentication login
loginmanama local
aaa
authorization exec
default local
aaa
authorization network
vpngroup
local
!
!
aaa
session-id
common
!
crypto pki
trustpoint
TP-self-signed-3333351654
enrollment
selfsigned
subject-nam
e
cn=IOS-Self-Signed-Certif
icate-3333351654
revoc
ation-check
none
rsakeypair
TP-self-signed-3333351654
!
!
crypto pki
certificate chain
TP-self-signed-3333351654
certificate
self-signed
01
3082024B 308201B4
A0030201 02020101
300D0609 2A864886
F70D0101
04050030
31312F30
2D060355 04031326
494F532D 53656C66
2D536967 6E65642D
43657274
69666963
6174652D 33333333
33353136 3534301E
170D3032 30333031
30303036
35335A17
0D323030 31303130
30303030 305A3031
312F302D 06035504
03132649
4F532D53
656C662D 5369676E
65642D43 65727469
66696361 74652D33
33333333
35313635
3430819F 300D0609
2A864886 F70D0101
01050003 818D0030
81890281
8100B92C
656769B8 E4C85FFF
89A6A7B0 0AC37712
F9CC6732 E625DDCA
8E071460
2C1269F6
34B99A20 75C0762D
3DA5F79D B14193CC
F8562B06 ABB9F71E
04D0DC99
67D0BFDA
F005123D D3C2DCA5
F933DA94 64B5D0C8
452B4681 97F0424B
3AB7A52B
60B51D19
1FFA76F5 2B4F3313
E64AABED C1639A34
FA39031A CED87B62
2C384F5C
36E90203
010001A3 73307130
0F060355 1D130101
FF040530 030101FF
301E0603
551D1104
17301582 13424343
492E796F 7572646F
6D61696E 2E636F6D
301F0603
551D2304
18301680 141034E8
F10B190F 93BC4515
2C869C46 22A0DBEC
98301D06
03551D0E
04160414 1034E8F1
0B190F93 BC45152C
869C4622 A0DBEC98
300D0609
2A864886
F70D0101 04050003
81810000 971000BD
258C81D5 75E55AAD
C2E150A1
9AF73EA7
9D79024B 1CE67EB9
5FFDBD1C 4B2D8839
2B7D10B2 F238FE96
DE30A302
631D80C3
B971AF94 48922786
2C5A3BD0 84E39704
22E7FCF0 7B800966
0389AB91
1077A3DB
105535F2 A698A4BE
3731108B 23963F48
58194BF0 1142F202
F49B5762
57C43161
67731789 19CFD573
D014C3
quit
dot11
syslog
ip cef
no ip
dhcp use vrf
connected
ip dhcp
excluded-address
10.10.10.1
!
ip
dhcp pool
sdm-pool
import
all
network 10.10.10.0
255.255.255.248
defaul
t-router
10.10.10.1
lease 0
2
!
!
!
no ip
domain lookup
ip
domain name
yourdomain.com
!
!<
br>!
username cisco
privilege 15 password 7
020B1056131E176C541F
u
sername asif privilege 15
password 7
011E1F145A1815182E5E4A
!
!
crypto isakmp
policy 1
encr
3des
authentication
pre-share
group
2
crypto isakmp
fragmentation
!
cry
pto isakmp client
configuration group
vpn
key cisco
pool
mypool
acl
101
netmask
255.255.255.0
!
!crypto ipsec
transform-set
ESP-3DES-SHA esp-3des
esp-sha-hmac
!
cryp
to dynamic-map dynmap
1
set transform-set
ESP-3DES-SHA
reverse-r
oute
!
!
crypto
map smap client
authentication list
loginmanama
crypto map
smap isakmp authorization
list vpngroup
crypto
map smap client
configuration address
respond
crypto map
smap 65535 ipsec-isakmp
dynamic
dynmap
!
archive
log
config
hidekeys
!!
!
!
!
int
erface ATM0
no ip
address
no atm
ilmi-keepalive
dsl
sync mode itu
dsl
operating-mode
auto
!
interface
ATM0.1
point-to-point
pvc
8/35
pppoe-client
dial-pool-number
1
!
!
interface
FastEthernet0
!
int
erface
FastEthernet1
!
int
erface
FastEthernet2
!
int
erface
FastEthernet3
!
int
erface
Vlan1
description
$ETH-SW-LAUNCH$$INTF-INFO
-HWIC 4ESW$
ip address
192.168.4.254
255.255.255.0
ip nat
inside
ip
virtual-reassembly
ip
tcp adjust-mss
1452
!
interface
Dialer0
ip address
negotiated
ip
access-group 122
out
ip mtu 1492
ip
nat outside
ip
virtual-reassembly
enc
apsulation ppp
dialer
pool 1
dialer-group
1
no cdp enable
ppp
authentication chap pap
callin
ppp chap
hostname mtmie
ppp
chap password 7
09545B5D0C50414B0D
ppp
pap sent-username mtmie
password 7
140F075F19517C7222
cry
pto map smap
!
ip
local pool mypool
192.168.5.10
192.168.5.15
ip
forward-protocol nd
ip
route 0.0.0.0 0.0.0.0
Dialer0
ip route
192.168.5.0 255.255.255.0
ATM0
!
ip http
server
ip http
access-class 23
ip
http authentication
local
ip http
secure-server
ip http
timeout-policy idle 60
life 86400 requests
10000
ip nat inside
source list 1 interface
Dialer0
overload
!
access-l
ist 1 permit 192.168.4.0
0.0.0.255
access-list
23 permit 10.10.10.0
0.0.0.7
dialer-list 1
protocol ip
permit
access-list 101
permit ip 192.168.5.0
0.0.0.255
any
PLZ HELP
ME . . . . |
|
