Sergey, 2015-01-17 16:14:58

VPN PPTP not working on Cisco 871 - what mistakes did I make?

There is a Cisco 871 router that needs to be configured so that all traffic from the office leaves via VPN PPTP.
I managed to configure WAN and LAN, but all my attempts to connect PPTP do not give anything ((
Here is the config:


version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal
!
hostname router-hma
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-2657071675
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2657071675
revocation-check none
rsakeypair TP-self-signed-2657071675
!
!
dot11 syslog
ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.210
!
ip dhcp pool LOCAL
network 192.168.1.0 255.255.255.0
default-router 192.168.1.100
dns-server 193.238.131.93
!
!
ip cef
ip inspect WAAS flush-timeout 10
ip domain name mydomain
!
!
vpdn enable
!
vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip 176.116.153.18
!
!
!
archive
log config
hidekeys
!
no spanning-tree vlan 1
no spanning-tree vlan 2
username LOGIN privilege 15 secret 5 PASSWORD
username LOGIN privilege 15 password 7 PASSWORD
username LOGIN privilege 15 password 7 PASSWORD
!
!
ip ssh version 1
!
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ETH-WAN$
ip address dhcp
ip nat outside
ip nat enable
ip virtual-reassembly
duplex auto
speed auto
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.1.100 255.255.255.0
ip nat inside
ip nat enable
ip virtual-reassembly
!
interface Dialer0
mtu 1440
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer idle-timeout 0
dialer string 123
dialer string inter.net
dialer vpdn
dialer-group 1
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp chap hostname LOGIN
ppp chap password 7 PASSWORD
no cdp enable
!
ip default-gateway 192.168.1.100
no ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip dns server
ip nat inside source static tcp 192.168.0.2 3389 interface FastEthernet4 3389
.0.0 255.255.0.0 FastEthernet4
ip route 176.116.153.19 255.255.255.255 FastEthernet4 dhcp
!
ip access-list standard INSIDE_NAT
permit 192.168.1.0 0.0.0.255
!
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 23 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
!
!
!
route-map INTENET permit 10
match ip address INSDE_NAT
match interface Dialer0
!
route-map LOCAL2 permit 10
match ip address INSDE_NAT
match interface FastEthernet4
!
!
control-plane
!
!
line con 0
logging synchronous
no modem enable
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 60 0
privilege level 15
password 7 1248524244535856
logging synchronous
login local
transport input ssh
!
scheduler max-task-time 5000
end


3 answer(s)
Ivan, 2015-01-17
@t3mp

The PPTP server address matches the remote peer address, and when the PPP connection is established, the corresponding "C" route is added to the PPP interface. The solution is "no peer neighbor-route", because we get this address through the WAN.

Sergey, 2015-01-17
@whitensk

Ivan: Look at the new config

version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal
!
hostname router-hma
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
no aaa new-model
!
crypto pki trustpoint TP-self-signed-2657071675
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2657071675
 revocation-check none
 rsakeypair TP-self-signed-2657071675
!
!
dot11 syslog
ip source-route
no ip gratuitous-arps
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.1.1 192.168.1.210
!
ip dhcp pool LOCAL
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.100
   dns-server 193.238.131.93
!
!
ip cef
ip inspect WAAS flush-timeout 10
ip domain name mydomain
!
!
vpdn enable
!
vpdn-group 1
 description pptp
 request-dialin
  protocol pptp
  pool-member 1
 initiate-to ip 176.116.153.18
!
!
!
archive
 log config
  hidekeys
!
no spanning-tree vlan 1
no spanning-tree vlan 2
username LOGIN privilege 15 secret 5 $PASS
username LOGIN privilege 15 password 7 PASS
username LOGIN privilege 15 password 7 PASS
!
!
ip ssh version 1
!
!
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
 description $ETH-WAN$
 ip address dhcp
 ip nat outside
 ip nat enable
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
 ip address 192.168.1.100 255.255.255.0
 ip nat inside
 ip nat enable
 ip virtual-reassembly
!
interface Dialer0
 mtu 1450
 ip address negotiated
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer remote-name 123
 dialer idle-timeout 0
 dialer string 123
 dialer persistent
 dialer vpdn
 dialer-group 1
 ppp pfc local request
 ppp pfc remote apply
 ppp encrypt mppe auto
 ppp chap hostname LOGIN
 ppp chap password 7 PASS
 ppp ipcp dns request
 no cdp enable
!
ip default-gateway 192.168.1.100
no ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip dns server
ip nat inside source route-map nonat interface FastEthernet4 overload
ip route 192.168.0.0 255.255.0.0 FastEthernet4 dhcp
ip route 176.116.153.18 255.255.255.255 FastEthernet4 dhcp
!
ip access-list standard INSIDE_NAT
 permit 192.168.1.0 0.0.0.255
!
logging origin-id hostname
logging server-arp
access-list 23 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run

!
!
!
!
control-plane
!
!
line con 0
 logging synchronous
 no modem enable
line aux 0
line vty 0 4
 access-class 23 in
 exec-timeout 60 0
 privilege level 15
 password 7 PASS
 logging synchronous
 login local
 transport input ssh
!
scheduler max-task-time 5000
ntp server 67.215.65.132
ntp server 91.236.251.12
end
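
The condition Ivan's answer describes can be checked mechanically. The following is an added example, not part of the original thread: a small Python linter that flags a PPTP dial-in Dialer interface lacking `no peer neighbor-route` and confirms the PPTP server is pinned to a non-Dialer interface by a host route. The function names and the sample config are constructed for illustration, and the parser assumes the indentation that `show running-config` prints.

```python
import re

# Constructed sample modelled on the thread's config (server IP as posted).
SAMPLE = """\
vpdn-group 1
 request-dialin
  protocol pptp
 initiate-to ip 176.116.153.18
!
interface Dialer0
 ip address negotiated
 dialer pool 1
 dialer vpdn
!
ip route 176.116.153.18 255.255.255.255 FastEthernet4 dhcp
"""
FIXED = SAMPLE.replace(" dialer vpdn\n", " dialer vpdn\n no peer neighbor-route\n")

def parse_blocks(config):
    """Map each top-level line to its indented sub-lines (assumes IOS indentation)."""
    blocks, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line or line == "!":
            continue
        if not raw[0].isspace():
            current = line
            blocks.setdefault(current, [])
        elif current is not None:
            blocks[current].append(line)
    return blocks

def check_pptp_dialin(config):
    """Return findings for the peer-route problem described in the answer."""
    blocks, findings, servers = parse_blocks(config), [], set()
    for header, body in blocks.items():
        if header.startswith("vpdn-group "):
            servers.update(m.group(1) for l in body
                           if (m := re.match(r"initiate-to ip (\S+)", l)))
    for header, body in blocks.items():
        if header.startswith("interface Dialer") and "dialer vpdn" in body:
            if "no peer neighbor-route" not in body:
                findings.append(f"{header}: missing 'no peer neighbor-route'")
    for ip in sorted(servers):
        # The tunnel endpoint itself must stay reachable outside the tunnel.
        pat = rf"ip route {re.escape(ip)} 255\.255\.255\.255 (?!Dialer)\S+"
        if not any(re.match(pat, h) for h in blocks):
            findings.append(f"no host route to PPTP server {ip} via a non-Dialer interface")
    return findings
```

`check_pptp_dialin(SAMPLE)` reports the missing interface command, and `check_pptp_dialin(FIXED)` returns an empty list.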

Archangel, 2015-01-20
@Archangel

I saw your question too late, sorry.
I wanted to clarify whether they decided or not; since they decided, I'll be too lazy to figure it out and will ask for a ready answer.
