Discussion on:
View:
Show:
How would this configuration go if you were doing NAT overload for home VPN access?
Hi,
Did you get an asnwer for your question regarding PPTP VPN
through NAT? I have the same problem.
Thank You,
Nam
Did you get an asnwer for your question regarding PPTP VPN
through NAT? I have the same problem.
Thank You,
Nam
If you are using overload NAT, you can use your cisco router as a vpn server, but it will require split tunneling in order for the remote user to also be able to access the internet. The router won't allow a remote user to come in, and go out the same interface to my knowledge.
You will require correct IOS in order for you router to do vpn, unless its a hybrid router ex; 800 series.
As far as split tunneling goes, when you connect into VPN, you can still browse the internet through your source connection and keep the secure vpn tunnel with your network active or move data.
As far as split tunneling goes, when you connect into VPN, you can still browse the internet through your source connection and keep the secure vpn tunnel with your network active or move data.
i get an error message after typing that line:
xit(config-if)#peer default ip address pool defaultpool
^
% Invalid input detected at '^' marker.
can anybody help me?
xit(config-if)#peer default ip address pool defaultpool
^
% Invalid input detected at '^' marker.
can anybody help me?
Are you typing "xit(config-if)#"
along with "peer default ip address pool defaultpool" ?
You don't type this part:
"xit(config-if)#"
along with "peer default ip address pool defaultpool" ?
You don't type this part:
"xit(config-if)#"
no, of course im not typing "xit(config-if)#" but i just copied this from the command line.
was because the error message you listed was:
"% Invalid input detected at '^' marker."
and the caret is pointing to the "x" in:
"xit(config-if)#peer default ip address pool defaultpool"
Perhaps if you listed the actual error message you are receiving, someone might have a clue as to what you are trying to do.
"% Invalid input detected at '^' marker."
and the caret is pointing to the "x" in:
"xit(config-if)#peer default ip address pool defaultpool"
Perhaps if you listed the actual error message you are receiving, someone might have a clue as to what you are trying to do.
Here is an example of a working config:
Router-831#conf t
Router-831(config)#vpdn enable
Router-831(config)#username ***** password *****
Router-831(config)#ip local pool vpdn_pool 192.168.101.2 192.168.101.22
Router-831(config)#vpdn-group 1
Router-831(config-vpdn)#accept-dialin
Router-831(config-vpdn)#protocol pptp
Router-831(config-vpdn)#virtual-template 1
Router-831(config-vpdn)#exit
Router-831(config)#int virtual-template 1
Router-831(config-if)#ip unnumbered Ethernet1
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#no keepalive
Router-831(config-if)#ppp encrypt mppe auto
Router-831(config-if)#ppp authentication ms-chap ms-chap-v2
Router-831(config-if)#CTRL-Z
Router-831#
Router-831#conf t
Router-831(config)#vpdn enable
Router-831(config)#username ***** password *****
Router-831(config)#ip local pool vpdn_pool 192.168.101.2 192.168.101.22
Router-831(config)#vpdn-group 1
Router-831(config-vpdn)#accept-dialin
Router-831(config-vpdn)#protocol pptp
Router-831(config-vpdn)#virtual-template 1
Router-831(config-vpdn)#exit
Router-831(config)#int virtual-template 1
Router-831(config-if)#ip unnumbered Ethernet1
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#no keepalive
Router-831(config-if)#ppp encrypt mppe auto
Router-831(config-if)#ppp authentication ms-chap ms-chap-v2
Router-831(config-if)#CTRL-Z
Router-831#
i just want to simply configure a pptp vpn connection on a cisco 851 router.
thanks for the help so far, but when i enter "accept-dialin" im no longer in (config-vpdn) but (config-vpdn-acc-in) is it supposed to be like that, because in your post you are still in (config-vpdn)?
And also this time when i enter:
peer default ip address pool vpdn_pool
i get the same error, the marker is at the p of peer.
thanks for the help so far, but when i enter "accept-dialin" im no longer in (config-vpdn) but (config-vpdn-acc-in) is it supposed to be like that, because in your post you are still in (config-vpdn)?
And also this time when i enter:
peer default ip address pool vpdn_pool
i get the same error, the marker is at the p of peer.
Well, IOS commands do sometimes vary depending on which version of IOS is installed and the model of the device. Do this, run the command:
Router-831#sh ver
and look for a line similar to this:
System image file is "flash:c831-k9o3y6-mz.124-5b.bin"
and post back that image name so I can see exactly which beast we are dealing with.
Router-831#sh ver
and look for a line similar to this:
System image file is "flash:c831-k9o3y6-mz.124-5b.bin"
and post back that image name so I can see exactly which beast we are dealing with.
That is a stickler. According to this:
http://www.cisco.com/en/US/docs/ios/vpdn/configuration/guide/client_init_dial-in_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1105140
NOTE: You will need to scroll down a little ways to get to the actual config commands
That should be a valid config on your version.
The only thing I can think of that might make a difference is the interface you enter in this command:
ip unnumbered type number
Example:
Router(config-if)# ip unnumbered FastEthernet
0/0
make sure it is the interface that connects to your cable/dsl line.
If this doesn't help, you can post your entire config obtained by running the command:
Router-831#sh run
mask or change any usernames/passwords for security.
Maybe I can spot something in the rest of the config that is causing the issue.
http://www.cisco.com/en/US/docs/ios/vpdn/configuration/guide/client_init_dial-in_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1105140
NOTE: You will need to scroll down a little ways to get to the actual config commands
That should be a valid config on your version.
The only thing I can think of that might make a difference is the interface you enter in this command:
ip unnumbered type number
Example:
Router(config-if)# ip unnumbered FastEthernet
0/0
make sure it is the interface that connects to your cable/dsl line.
If this doesn't help, you can post your entire config obtained by running the command:
Router-831#sh run
mask or change any usernames/passwords for security.
Maybe I can spot something in the rest of the config that is causing the issue.
again i get an error message this time at setting the authentication method to chap:
Router(config-if)# ppp authentication chap
marker is again at the p of ppp.
here is the config:
xit#sh run
Building configuration...
Current configuration : 5159 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xit
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$.9Ps$TcD7AKIpplEp60bjjdjnG0
!
aaa new-model
!
!
aaa authentication login rtr-remote local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization network rtr-remote local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.168.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.168.0 255.255.255.0
default-router 192.168.168.1
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.114.152.1
ip ssh time-out 60
ip ssh authentication-retries 2
vpdn enable
!
vpdn-group 1
accept-dialin
protocol pptp
virtual-template 1
!
vpdn-group TEST-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
crypto pki trustpoint TP-self-signed-367604582
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-367604582
revocation-check none
rsakeypair TP-self-signed-367604582
!
!
crypto pki certificate chain TP-self-signed-367604582
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363736 30343538 32301E17 0D303830 35323231 36313135
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3336 37363034
35383230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B9477149 24F1DE0E 6C218AC8 01158B81 E4FA3C62 38798034 545FA1BB 7689BD60
ABD81B25 ED852182 B3840F12 DDEDD3BE C88276B6 CA1FE4B0 1A842FCC A895571B
B72F9BE9 F8925B96 E618B8A3 C943732E A6AF7972 85B5475A 9F560D33 3C02834C
9070B13F 3354478D 94E6F6FE E4D54475 1D653B5F 0CCF510B D954B246 8090DFA5
02030100 01A37230 70300F06 03551D13 0101FF04 05300301 01FF301D 0603551D
11041630 14821278 69742E79 6F757264 6F6D6169 6E2E636F 6D301F06 03551D23
04183016 8014BB66 E2F70906 4ED9AC19 EF315122 200CF9DB 719D301D 0603551D
0E041604 14BB66E2 F709064E D9AC19EF 31512220 0CF9DB71 9D300D06 092A8648
86F70D01 01040500 03818100 32846B30 BC85D87E D525B8F8 3B646068 BEB6C808
57DB4FFA 5D728C22 B724AD6E 8A4562F0 7F61FB1E 7E37344A 42B77302 08FE6416
D3D5D21D 7FC830C2 DDB8CE51 247A9C3F 2D5E711C 3521AC4C 04C382C7 86A31656
F1675A36 0460D052 F5C59F82 D0814DA4 EA1C452C 5D7B4CAB E0126BB9 9BD060F8
197C2E06 94A16309 A2998C06
quit
username **** privilege 15 secret 5 *********
username **** privilege 15 password 7 *******
username ********
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet4
tunnel mode ipsec ipv4
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.168.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname a1091006
ppp chap password 7 070E3B4A781C005007
ppp ipcp dns request
!
ip local pool SDM_POOL_1 192.168.1.1 192.168.1.255
ip local pool vpdn_pool 192.168.101.2 192.168.101.22
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.168.0 0.0.0.255
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Router(config-if)# ppp authentication chap
marker is again at the p of ppp.
here is the config:
xit#sh run
Building configuration...
Current configuration : 5159 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xit
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$.9Ps$TcD7AKIpplEp60bjjdjnG0
!
aaa new-model
!
!
aaa authentication login rtr-remote local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authorization network rtr-remote local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.168.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.168.0 255.255.255.0
default-router 192.168.168.1
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.114.152.1
ip ssh time-out 60
ip ssh authentication-retries 2
vpdn enable
!
vpdn-group 1
accept-dialin
protocol pptp
virtual-template 1
!
vpdn-group TEST-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
crypto pki trustpoint TP-self-signed-367604582
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-367604582
revocation-check none
rsakeypair TP-self-signed-367604582
!
!
crypto pki certificate chain TP-self-signed-367604582
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363736 30343538 32301E17 0D303830 35323231 36313135
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3336 37363034
35383230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B9477149 24F1DE0E 6C218AC8 01158B81 E4FA3C62 38798034 545FA1BB 7689BD60
ABD81B25 ED852182 B3840F12 DDEDD3BE C88276B6 CA1FE4B0 1A842FCC A895571B
B72F9BE9 F8925B96 E618B8A3 C943732E A6AF7972 85B5475A 9F560D33 3C02834C
9070B13F 3354478D 94E6F6FE E4D54475 1D653B5F 0CCF510B D954B246 8090DFA5
02030100 01A37230 70300F06 03551D13 0101FF04 05300301 01FF301D 0603551D
11041630 14821278 69742E79 6F757264 6F6D6169 6E2E636F 6D301F06 03551D23
04183016 8014BB66 E2F70906 4ED9AC19 EF315122 200CF9DB 719D301D 0603551D
0E041604 14BB66E2 F709064E D9AC19EF 31512220 0CF9DB71 9D300D06 092A8648
86F70D01 01040500 03818100 32846B30 BC85D87E D525B8F8 3B646068 BEB6C808
57DB4FFA 5D728C22 B724AD6E 8A4562F0 7F61FB1E 7E37344A 42B77302 08FE6416
D3D5D21D 7FC830C2 DDB8CE51 247A9C3F 2D5E711C 3521AC4C 04C382C7 86A31656
F1675A36 0460D052 F5C59F82 D0814DA4 EA1C452C 5D7B4CAB E0126BB9 9BD060F8
197C2E06 94A16309 A2998C06
quit
username **** privilege 15 secret 5 *********
username **** privilege 15 password 7 *******
username ********
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Virtual-Template1 type tunnel
ip unnumbered FastEthernet4
tunnel mode ipsec ipv4
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.168.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname a1091006
ppp chap password 7 070E3B4A781C005007
ppp ipcp dns request
!
ip local pool SDM_POOL_1 192.168.1.1 192.168.1.255
ip local pool vpdn_pool 192.168.101.2 192.168.101.22
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.168.0 0.0.0.255
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
I'm glad you sent that config. Your interface virtual-template1 is configured for tunnel mode ipsec ipv4.
For now, let's just create another virtual-template interface for testing.
Router-831#conf t
Router-831(config)#int virtual-template 2
Router-831(config-if)#ip unnumbered dialer0
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#CTRL-Z
Router-831#
Let me know if that is successful and then we will continue.
For now, let's just create another virtual-template interface for testing.
Router-831#conf t
Router-831(config)#int virtual-template 2
Router-831(config-if)#ip unnumbered dialer0
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#CTRL-Z
Router-831#
Let me know if that is successful and then we will continue.
OK, now run this command:
Router-831#sh run int virtual-template2
Did it default to type tunnel?
If it did, run these commands:
Router-831#conf t
Router-831(config)#no int virtual-template2
Router-831(config)#int virtual-template 2 type serial
Let me know the outcome.
Router-831#sh run int virtual-template2
Did it default to type tunnel?
If it did, run these commands:
Router-831#conf t
Router-831(config)#no int virtual-template2
Router-831(config)#int virtual-template 2 type serial
Let me know the outcome.
here is what happened:
xit#sh run int virtual-template 2
Building configuration...
Current configuration : 94 bytes
!
interface Virtual-Template2 type tunnel
ip unnumbered Dialer0
tunnel mode ipsec ipv4
end
xit#conf t
Enter configuration commands, one per line. End with CNTL/Z.
xit(config)#no int virtual-template 2
xit(config)#int virtual-template 2 type serial
% Warning: cannot change vtemplate type
xit#sh run int virtual-template 2
Building configuration...
Current configuration : 94 bytes
!
interface Virtual-Template2 type tunnel
ip unnumbered Dialer0
tunnel mode ipsec ipv4
end
xit#conf t
Enter configuration commands, one per line. End with CNTL/Z.
xit(config)#no int virtual-template 2
xit(config)#int virtual-template 2 type serial
% Warning: cannot change vtemplate type
is there perhaps another command instead of "del" because in config mode del doesn't work for me?
when I try to create an interface virtual-template with type tunnel on the 831 I have here, I get the same error. I've never run into this before, so I am going to try an experiment with my 831 that will require a reload. I can't do it during the day, so I will try it tonight and post back with the results.
Assuming you are using Windows 2000 or XP,
see this link:
http://www.parkansky.com/tutorials/pptp.htm
scroll down to the section that begins:
PPTP Client Setup
see this link:
http://www.parkansky.com/tutorials/pptp.htm
scroll down to the section that begins:
PPTP Client Setup
I have the answer. At least it worked on my 831. Never ran into this issue before, so I learned something.
If you run the command:
Router-831#sh int
and scroll through the output, you will see some virtual access interfaces that are automatically created when you create a virtual-template interface. You can't change the type of the virtual-template interfaces while these "extra" interfaces are live in RAM. So you have to delete all virtual-template interfaces and then reload the router.
Here are the commands:
Router-831(config)#del vpdn-group 1
Router-831(config)#del vpdn-group TEST-VPN
Router-831(config)#del interface Virtual-Template1
Router-831(config)#exit
Router-831#wr mem
Router-831#reload
Confirm the reload and when it has restarted, run these commands:
Router-831#conf t
Router-831(config)#int virtual-template 1 type serial
Router-831(config-if)#ip unnumbered dialer 0
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#no keepalive
Router-831(config-if)#ppp encrypt mppe auto
Router-831(config-if)#ppp authentication ms-chap ms-chap-v2
Router-831(config-if)#exit
Router-831(config)#vpdn-group 1
Router-831(config-vpdn)#accept-dialin
Router-831(config-vpdn)#protocol pptp
Router-831(config-vpdn)#virtual-template 1
Router-831(config-if)#CTRL-Z
Router-831#wr mem
Now you should be ready to go.
If you run the command:
Router-831#sh int
and scroll through the output, you will see some virtual access interfaces that are automatically created when you create a virtual-template interface. You can't change the type of the virtual-template interfaces while these "extra" interfaces are live in RAM. So you have to delete all virtual-template interfaces and then reload the router.
Here are the commands:
Router-831(config)#del vpdn-group 1
Router-831(config)#del vpdn-group TEST-VPN
Router-831(config)#del interface Virtual-Template1
Router-831(config)#exit
Router-831#wr mem
Router-831#reload
Confirm the reload and when it has restarted, run these commands:
Router-831#conf t
Router-831(config)#int virtual-template 1 type serial
Router-831(config-if)#ip unnumbered dialer 0
Router-831(config-if)#peer default ip address pool vpdn_pool
Router-831(config-if)#no keepalive
Router-831(config-if)#ppp encrypt mppe auto
Router-831(config-if)#ppp authentication ms-chap ms-chap-v2
Router-831(config-if)#exit
Router-831(config)#vpdn-group 1
Router-831(config-vpdn)#accept-dialin
Router-831(config-vpdn)#protocol pptp
Router-831(config-vpdn)#virtual-template 1
Router-831(config-if)#CTRL-Z
Router-831#wr mem
Now you should be ready to go.
everythin worked out, here is what it said:
xit#conf t
Enter configuration commands, one per line. End with CNTL/Z.
xit(config)#int virtual-template 1 type serial
xit(config-if)#ip unnumbered dialer 0
xit(config-if)#peer default ip address pool vpdn_pool
xit(config-if)#no keepalive
xit(config-if)#ppp encrypt mppe auto
xit(config-if)#ppp authentication ms-chap ms-chap-v2
AAA: Warning, authentication list "default" is not defined for PPP.
xit(config-if)#exit
xit(config)#vpdn-group 1
xit(config-vpdn)#accept-dialin
xit(config-vpdn-acc-in)#protocol pptp
xit(config-vpdn-acc-in)#virtual-template 1
xit(config-vpdn-acc-in)#^Z
xit#wr mem
Building configuration...
[OK]
now another silly question how do i connect to it from my remote PC?
thanks so far
xit#conf t
Enter configuration commands, one per line. End with CNTL/Z.
xit(config)#int virtual-template 1 type serial
xit(config-if)#ip unnumbered dialer 0
xit(config-if)#peer default ip address pool vpdn_pool
xit(config-if)#no keepalive
xit(config-if)#ppp encrypt mppe auto
xit(config-if)#ppp authentication ms-chap ms-chap-v2
AAA: Warning, authentication list "default" is not defined for PPP.
xit(config-if)#exit
xit(config)#vpdn-group 1
xit(config-vpdn)#accept-dialin
xit(config-vpdn-acc-in)#protocol pptp
xit(config-vpdn-acc-in)#virtual-template 1
xit(config-vpdn-acc-in)#^Z
xit#wr mem
Building configuration...
[OK]
now another silly question how do i connect to it from my remote PC?
thanks so far
is there perhaps another command instead of "del" because in config mode del doesn't work for me?
this is the result of "sh int":
Virtual-Access2 is down, line protocol is down
Hardware is Virtual Access interface
MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Closed
Base VtMgr vaccess
Vaccess status 0x0, loopback not set
DTR is pulsed for 5 seconds on reset
Last input never, output never, output hang never
Last clearing of "show interface" counters 8w3d
Input queue: 0/4096/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
FastEthernet0 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb3 (bia 001e.f7d8.9bb3)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet1 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb4 (bia 001e.f7d8.9bb4)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet2 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb5 (bia 001e.f7d8.9bb5)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet3 is up, line protocol is up
Hardware is Fast Ethernet, address is 001e.f7d8.9bb6 (bia 001e.f7d8.9bb6)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 7000 bits/sec, 5 packets/sec
5 minute output rate 5000 bits/sec, 3 packets/sec
40076745 packets input, 1125742976 bytes, 0 no buffer
Received 14450999 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
26322986 packets output, 3403810972 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet4 is up, line protocol is up
Hardware is PQUICC_FEC, address is 001e.f7d8.9bbd (bia 001e.f7d8.9bbd)
Description: $ES_WAN$$FW_OUTSIDE$
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 7w2d, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/12/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 7000 bits/sec, 5 packets/sec
5 minute output rate 9000 bits/sec, 6 packets/sec
29219962 packets input, 3763823441 bytes
Received 0 broadcasts, 0 runts, 0 giants, 12 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
23125300 packets output, 4241848595 bytes, 0 underruns
0 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Vlan1 is up, line protocol is up
Hardware is EtherSVI, address is 001e.f7d8.9bb3 (bia 001e.f7d8.9bb3)
Description: $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
Internet address is 192.168.168.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 12000 bits/sec, 5 packets/sec
5 minute output rate 7000 bits/sec, 3 packets/sec
35751934 packets input, 609477701 bytes, 0 no buffer
Received 14762567 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
26323666 packets output, 3281109579 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
NVI0 is up, line protocol is up
Hardware is NVI
MTU 1514 bytes, BW 10000000 Kbit, DLY 0 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation UNKNOWN, loopback not set
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dialer0 is up, line protocol is up (spoofing)
Hardware is Unknown
Internet address is 212.114.250.113/32
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 1 seconds on reset
Interface is bound to Vi1
Last input never, output never, output hang never
Last clearing of "show interface" counters 00:20:33
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 42 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10391 packets input, 5217795 bytes
9573 packets output, 1540307 bytes
Bound to:
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 68/255, rxload 7/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoE vaccess, cloned from Dialer0
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
Interface is bound to Di0 (Encapsulation PPP)
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 7w2d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 25000 bits/sec, 11 packets/sec
5 minute output rate 16000 bits/sec, 11 packets/sec
13876182 packets input, 2582320763 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
11246485 packets output, 1774774194 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 72/255, rxload 31/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoE vaccess, cloned from Dialer0
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
Interface is bound to Di0 (Encapsulation PPP)
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 7w2d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 26000 bits/sec, 12 packets/sec
5 minute output rate 17000 bits/sec, 12 packets/sec
13876351 packets input, 2582342187 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
11246620 packets output, 1774783543 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
btw. after i wasn't able to delete these virtual templates from the CLI i deleted them via SDM but doesn't seem to be so successful, because the virtual access is still there.
this is the result of "sh int":
Virtual-Access2 is down, line protocol is down
Hardware is Virtual Access interface
MTU 1500 bytes, BW 100000 Kbit, DLY 100000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, LCP Closed
Base VtMgr vaccess
Vaccess status 0x0, loopback not set
DTR is pulsed for 5 seconds on reset
Last input never, output never, output hang never
Last clearing of "show interface" counters 8w3d
Input queue: 0/4096/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
FastEthernet0 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb3 (bia 001e.f7d8.9bb3)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet1 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb4 (bia 001e.f7d8.9bb4)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet2 is up, line protocol is down
Hardware is Fast Ethernet, address is 001e.f7d8.9bb5 (bia 001e.f7d8.9bb5)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Auto-duplex, Auto-speed
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet3 is up, line protocol is up
Hardware is Fast Ethernet, address is 001e.f7d8.9bb6 (bia 001e.f7d8.9bb6)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 7000 bits/sec, 5 packets/sec
5 minute output rate 5000 bits/sec, 3 packets/sec
40076745 packets input, 1125742976 bytes, 0 no buffer
Received 14450999 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 input packets with dribble condition detected
26322986 packets output, 3403810972 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
FastEthernet4 is up, line protocol is up
Hardware is PQUICC_FEC, address is 001e.f7d8.9bbd (bia 001e.f7d8.9bbd)
Description: $ES_WAN$$FW_OUTSIDE$
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, 100BaseTX/FX
ARP type: ARPA, ARP Timeout 04:00:00
Last input 7w2d, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/12/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 7000 bits/sec, 5 packets/sec
5 minute output rate 9000 bits/sec, 6 packets/sec
29219962 packets input, 3763823441 bytes
Received 0 broadcasts, 0 runts, 0 giants, 12 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog
0 input packets with dribble condition detected
23125300 packets output, 4241848595 bytes, 0 underruns
0 output errors, 0 collisions, 3 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
Vlan1 is up, line protocol is up
Hardware is EtherSVI, address is 001e.f7d8.9bb3 (bia 001e.f7d8.9bb3)
Description: $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
Internet address is 192.168.168.1/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 12000 bits/sec, 5 packets/sec
5 minute output rate 7000 bits/sec, 3 packets/sec
35751934 packets input, 609477701 bytes, 0 no buffer
Received 14762567 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
26323666 packets output, 3281109579 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
NVI0 is up, line protocol is up
Hardware is NVI
MTU 1514 bytes, BW 10000000 Kbit, DLY 0 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation UNKNOWN, loopback not set
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 packets output, 0 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
Dialer0 is up, line protocol is up (spoofing)
Hardware is Unknown
Internet address is 212.114.250.113/32
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation PPP, loopback not set
Keepalive set (10 sec)
DTR is pulsed for 1 seconds on reset
Interface is bound to Vi1
Last input never, output never, output hang never
Last clearing of "show interface" counters 00:20:33
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: weighted fair
Output queue: 0/1000/64/0 (size/max total/threshold/drops)
Conversations 0/0/16 (active/max active/max total)
Reserved Conversations 0/0 (allocated/max allocated)
Available Bandwidth 42 kilobits/sec
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
10391 packets input, 5217795 bytes
9573 packets output, 1540307 bytes
Bound to:
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 68/255, rxload 7/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoE vaccess, cloned from Dialer0
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
Interface is bound to Di0 (Encapsulation PPP)
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 7w2d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 25000 bits/sec, 11 packets/sec
5 minute output rate 16000 bits/sec, 11 packets/sec
13876182 packets input, 2582320763 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
11246485 packets output, 1774774194 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
Virtual-Access1 is up, line protocol is up
Hardware is Virtual Access interface
MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec,
reliability 255/255, txload 72/255, rxload 31/255
Encapsulation PPP, LCP Open
Open: IPCP
PPPoE vaccess, cloned from Dialer0
Vaccess status 0x44, loopback not set
Keepalive set (10 sec)
Interface is bound to Di0 (Encapsulation PPP)
Last input 00:00:00, output never, output hang never
Last clearing of "show interface" counters 7w2d
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 26000 bits/sec, 12 packets/sec
5 minute output rate 17000 bits/sec, 12 packets/sec
13876351 packets input, 2582342187 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
11246620 packets output, 1774783543 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 output buffer failures, 0 output buffers swapped out
0 carrier transitions
btw. after i wasn't able to delete these virtual templates from the CLI i deleted them via SDM but doesn't seem to be so successful, because the virtual access is still there.
I typed that in a hurry. "del" should be "no" so substitute "no" for "del" in all those commands and it should work. The virtual access interfaces won't go away until you reload the router.
thanks for everything, i now was able to connect to the network from my remote PC, but now the next problem i'm facing is, how to access shares in this network?
I usually map a drive by right-clicking on "My Computer" and selecting "Map network drive" then enter:
\\ip address of server\share name
example:
\\10.1.81.5\downloads
It will prompt you for a username/password.
\\ip address of server\share name
example:
\\10.1.81.5\downloads
It will prompt you for a username/password.
i think there is still somethin not correct in the configuration, because i can neither ping nor access the shares. i believe the problem lies within the ip addresses assigned to the vpn in the router.
xit#sh run
Building configuration...
Current configuration : 5251 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xit
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$.9Ps$TcD7AKIpplEp60bjjdjnG0
!
aaa new-model
!
!
aaa authentication login rtr-remote local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authentication ppp default local
aaa authorization network rtr-remote local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.168.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.168.0 255.255.255.0
default-router 192.168.168.1
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.114.152.1
ip ssh time-out 60
ip ssh authentication-retries 2
vpdn enable
!
vpdn-group TEST-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
crypto pki trustpoint TP-self-signed-367604582
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-367604582
revocation-check none
rsakeypair TP-self-signed-367604582
!
!
crypto pki certificate chain TP-self-signed-367604582
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363736 30343538 32301E17 0D303830 35323231 36313135
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3336 37363034
35383230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B9477149 24F1DE0E 6C218AC8 01158B81 E4FA3C62 38798034 545FA1BB 7689BD60
ABD81B25 ED852182 B3840F12 DDEDD3BE C88276B6 CA1FE4B0 1A842FCC A895571B
B72F9BE9 F8925B96 E618B8A3 C943732E A6AF7972 85B5475A 9F560D33 3C02834C
9070B13F 3354478D 94E6F6FE E4D54475 1D653B5F 0CCF510B D954B246 8090DFA5
02030100 01A37230 70300F06 03551D13 0101FF04 05300301 01FF301D 0603551D
11041630 14821278 69742E79 6F757264 6F6D6169 6E2E636F 6D301F06 03551D23
04183016 8014BB66 E2F70906 4ED9AC19 EF315122 200CF9DB 719D301D 0603551D
0E041604 14BB66E2 F709064E D9AC19EF 31512220 0CF9DB71 9D300D06 092A8648
86F70D01 01040500 03818100 32846B30 BC85D87E D525B8F8 3B646068 BEB6C808
57DB4FFA 5D728C22 B724AD6E 8A4562F0 7F61FB1E 7E37344A 42B77302 08FE6416
D3D5D21D 7FC830C2 DDB8CE51 247A9C3F 2D5E711C 3521AC4C 04C382C7 86A31656
F1675A36 0460D052 F5C59F82 D0814DA4 EA1C452C 5D7B4CAB E0126BB9 9BD060F8
197C2E06 94A16309 A2998C06
quit
username ***** privilege 15 secret 5 ****************
username ***** privilege 15 password 7 *********
username ******
username **** password 7 ******
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Virtual-Template1 type serial
ip unnumbered Dialer0
peer default ip address pool vpdn_pool
no keepalive
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.168.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname a1091006
ppp chap password 7 070E3B4A781C005007
ppp ipcp dns request
!
ip local pool SDM_POOL_1 192.168.1.1 192.168.1.255
ip local pool vpdn_pool 192.168.101.2 192.168.101.22
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.168.0 0.0.0.255
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Building configuration...
Current configuration : 5251 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname xit
!
boot-start-marker
boot-end-marker
!
logging buffered 51200 debugging
logging console critical
enable secret 5 $1$.9Ps$TcD7AKIpplEp60bjjdjnG0
!
aaa new-model
!
!
aaa authentication login rtr-remote local
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authentication login sdm_vpn_xauth_ml_2 local
aaa authentication ppp default local
aaa authorization network rtr-remote local
aaa authorization network sdm_vpn_group_ml_1 local
aaa authorization network sdm_vpn_group_ml_2 local
!
aaa session-id common
!
resource policy
!
clock timezone PCTime 1
clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00
ip subnet-zero
no ip source-route
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.168.1
!
ip dhcp pool sdm-pool1
import all
network 192.168.168.0 255.255.255.0
default-router 192.168.168.1
!
!
ip cef
ip tcp synwait-time 10
no ip bootp server
ip domain name yourdomain.com
ip name-server 212.114.152.1
ip ssh time-out 60
ip ssh authentication-retries 2
vpdn enable
!
vpdn-group TEST-VPN
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
!
!
crypto pki trustpoint TP-self-signed-367604582
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-367604582
revocation-check none
rsakeypair TP-self-signed-367604582
!
!
crypto pki certificate chain TP-self-signed-367604582
certificate self-signed 01
30820248 308201B1 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 33363736 30343538 32301E17 0D303830 35323231 36313135
335A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3336 37363034
35383230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
B9477149 24F1DE0E 6C218AC8 01158B81 E4FA3C62 38798034 545FA1BB 7689BD60
ABD81B25 ED852182 B3840F12 DDEDD3BE C88276B6 CA1FE4B0 1A842FCC A895571B
B72F9BE9 F8925B96 E618B8A3 C943732E A6AF7972 85B5475A 9F560D33 3C02834C
9070B13F 3354478D 94E6F6FE E4D54475 1D653B5F 0CCF510B D954B246 8090DFA5
02030100 01A37230 70300F06 03551D13 0101FF04 05300301 01FF301D 0603551D
11041630 14821278 69742E79 6F757264 6F6D6169 6E2E636F 6D301F06 03551D23
04183016 8014BB66 E2F70906 4ED9AC19 EF315122 200CF9DB 719D301D 0603551D
0E041604 14BB66E2 F709064E D9AC19EF 31512220 0CF9DB71 9D300D06 092A8648
86F70D01 01040500 03818100 32846B30 BC85D87E D525B8F8 3B646068 BEB6C808
57DB4FFA 5D728C22 B724AD6E 8A4562F0 7F61FB1E 7E37344A 42B77302 08FE6416
D3D5D21D 7FC830C2 DDB8CE51 247A9C3F 2D5E711C 3521AC4C 04C382C7 86A31656
F1675A36 0460D052 F5C59F82 D0814DA4 EA1C452C 5D7B4CAB E0126BB9 9BD060F8
197C2E06 94A16309 A2998C06
quit
username ***** privilege 15 secret 5 ****************
username ***** privilege 15 password 7 *********
username ******
username **** password 7 ******
!
!
!
!
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
pppoe enable group global
pppoe-client dial-pool-number 1
!
interface Virtual-Template1 type serial
ip unnumbered Dialer0
peer default ip address pool vpdn_pool
no keepalive
ppp encrypt mppe auto
ppp authentication ms-chap ms-chap-v2
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.168.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip tcp adjust-mss 1452
!
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1492
ip nat outside
ip virtual-reassembly
encapsulation ppp
ip route-cache flow
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname a1091006
ppp chap password 7 070E3B4A781C005007
ppp ipcp dns request
!
ip local pool SDM_POOL_1 192.168.1.1 192.168.1.255
ip local pool vpdn_pool 192.168.101.2 192.168.101.22
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
!
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 192.168.168.0 0.0.0.255
no cdp run
!
control-plane
!
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
no modem enable
transport output telnet
line aux 0
transport output telnet
line vty 0 4
privilege level 15
transport input telnet ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
If you can ping 192.168.168.1, you are pinging the router's inside interface and that means the VPN is working. Just for a test, you can disconnect from the vpn and try pinging that same IP and it should not work.
Assuming all of the above, are there any firewalls running on the computers you are trying to ping/access shares?
Assuming all of the above, are there any firewalls running on the computers you are trying to ping/access shares?
i cannot ping the ip when i'm disconnected.
but i can't ping anythin inside the network and i know that there are no firewalls running.
but i can't ping anythin inside the network and i know that there are no firewalls running.
Do the computers on the network you are trying to use have this cisco 851(192.168.168.1) specified for their default gateway? If their is another circuit/router on the network, thay may be using it.
Try this,
telnet to the router and try pinging the server/computer on the LAN from there.
telnet to the router and try pinging the server/computer on the LAN from there.
of the computer you are working from?
Also, establish your VPN connection and the open a command prompt and run "route print" and post the output.
Also, establish your VPN connection and the open a command prompt and run "route print" and post the output.
i did all of it now via telnet from home.
the local ip address is 192.168.2.8
the outside address is: 83.171.189.100
here is what route print said (sorry it's in german:
C:\Dokumente und Einstellungen\andi>route print
===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0e 35 ed b3 be ...... Intel(R) PRO/Wireless 2200BG Network Connection
- Paketplaner-Miniport
0x3 ...44 45 53 54 42 00 ...... Nortel IPSECSHM Adapter - Paketplaner-Miniport
0x60005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Anzahl
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.8 26
0.0.0.0 0.0.0.0 192.168.101.2 192.168.101.2 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.8 192.168.2.8 25
192.168.2.8 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.8 192.168.2.8 25
192.168.101.2 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.101.255 255.255.255.255 192.168.101.2 192.168.101.2 50
212.114.250.113 255.255.255.255 192.168.2.1 192.168.2.8 25
224.0.0.0 240.0.0.0 192.168.2.8 192.168.2.8 25
224.0.0.0 240.0.0.0 192.168.101.2 192.168.101.2 1
255.255.255.255 255.255.255.255 192.168.2.8 192.168.2.8 1
255.255.255.255 255.255.255.255 192.168.2.8 3 1
255.255.255.255 255.255.255.255 192.168.101.2 192.168.101.2 1
Standardgateway: 192.168.101.2
===========================================================================
St?ndige Routen:
Keine
the local ip address is 192.168.2.8
the outside address is: 83.171.189.100
here is what route print said (sorry it's in german:
C:\Dokumente und Einstellungen\andi>route print
===========================================================================
Schnittstellenliste
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0e 35 ed b3 be ...... Intel(R) PRO/Wireless 2200BG Network Connection
- Paketplaner-Miniport
0x3 ...44 45 53 54 42 00 ...... Nortel IPSECSHM Adapter - Paketplaner-Miniport
0x60005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Aktive Routen:
Netzwerkziel Netzwerkmaske Gateway Schnittstelle Anzahl
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.8 26
0.0.0.0 0.0.0.0 192.168.101.2 192.168.101.2 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.2.0 255.255.255.0 192.168.2.8 192.168.2.8 25
192.168.2.8 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.2.255 255.255.255.255 192.168.2.8 192.168.2.8 25
192.168.101.2 255.255.255.255 127.0.0.1 127.0.0.1 50
192.168.101.255 255.255.255.255 192.168.101.2 192.168.101.2 50
212.114.250.113 255.255.255.255 192.168.2.1 192.168.2.8 25
224.0.0.0 240.0.0.0 192.168.2.8 192.168.2.8 25
224.0.0.0 240.0.0.0 192.168.101.2 192.168.101.2 1
255.255.255.255 255.255.255.255 192.168.2.8 192.168.2.8 1
255.255.255.255 255.255.255.255 192.168.2.8 3 1
255.255.255.255 255.255.255.255 192.168.101.2 192.168.101.2 1
Standardgateway: 192.168.101.2
===========================================================================
St?ndige Routen:
Keine
Establish the VPN and run this command from a prompt:
tracert -d 192.168.168.x
where x is the address of the computer you need to ping.
post the output of that
tracert -d 192.168.168.x
where x is the address of the computer you need to ping.
post the output of that
C:\Dokumente und Einstellungen\andi>tracert -d 192.168.168.222
Routenverfolgung zu 192.168.168.222 ?ber maximal 30 Abschnitte
1 64 ms 54 ms 56 ms 212.114.250.113
2 * * * Zeit?berschreitung der Anforderung.
3 * * * Zeit?berschreitung der Anforderung.
4 * * * Zeit?berschreitung der Anforderung.
5 * * * Zeit?berschreitung der Anforderung.
6 * * * Zeit?berschreitung der Anforderung.
7 * * * Zeit?berschreitung der Anforderung.
8 * * * Zeit?berschreitung der Anforderung.
9 * * * Zeit?berschreitung der Anforderung.
10 * * * Zeit?berschreitung der Anforderung.
11 * * * Zeit?berschreitung der Anforderung.
12 * * * Zeit?berschreitung der Anforderung.
13 * * * Zeit?berschreitung der Anforderung.
14 * * * Zeit?berschreitung der Anforderung.
15 * * * Zeit?berschreitung der Anforderung.
16 * * * Zeit?berschreitung der Anforderung.
17 * * * Zeit?berschreitung der Anforderung.
18 * * * Zeit?berschreitung der Anforderung.
19 * * * Zeit?berschreitung der Anforderung.
20 * * * Zeit?berschreitung der Anforderung.
21 * * * Zeit?berschreitung der Anforderung.
22 * * * Zeit?berschreitung der Anforderung.
23 * * * Zeit?berschreitung der Anforderung.
24 * * * Zeit?berschreitung der Anforderung.
25 * * * Zeit?berschreitung der Anforderung.
26 * * * Zeit?berschreitung der Anforderung.
27 * * * Zeit?berschreitung der Anforderung.
28 * * * Zeit?berschreitung der Anforderung.
29 * * * Zeit?berschreitung der Anforderung.
30 * * * Zeit?berschreitung der Anforderung.
Ablaufverfolgung beendet.
after the first ip it says that it exceeds the time limit.
Routenverfolgung zu 192.168.168.222 ?ber maximal 30 Abschnitte
1 64 ms 54 ms 56 ms 212.114.250.113
2 * * * Zeit?berschreitung der Anforderung.
3 * * * Zeit?berschreitung der Anforderung.
4 * * * Zeit?berschreitung der Anforderung.
5 * * * Zeit?berschreitung der Anforderung.
6 * * * Zeit?berschreitung der Anforderung.
7 * * * Zeit?berschreitung der Anforderung.
8 * * * Zeit?berschreitung der Anforderung.
9 * * * Zeit?berschreitung der Anforderung.
10 * * * Zeit?berschreitung der Anforderung.
11 * * * Zeit?berschreitung der Anforderung.
12 * * * Zeit?berschreitung der Anforderung.
13 * * * Zeit?berschreitung der Anforderung.
14 * * * Zeit?berschreitung der Anforderung.
15 * * * Zeit?berschreitung der Anforderung.
16 * * * Zeit?berschreitung der Anforderung.
17 * * * Zeit?berschreitung der Anforderung.
18 * * * Zeit?berschreitung der Anforderung.
19 * * * Zeit?berschreitung der Anforderung.
20 * * * Zeit?berschreitung der Anforderung.
21 * * * Zeit?berschreitung der Anforderung.
22 * * * Zeit?berschreitung der Anforderung.
23 * * * Zeit?berschreitung der Anforderung.
24 * * * Zeit?berschreitung der Anforderung.
25 * * * Zeit?berschreitung der Anforderung.
26 * * * Zeit?berschreitung der Anforderung.
27 * * * Zeit?berschreitung der Anforderung.
28 * * * Zeit?berschreitung der Anforderung.
29 * * * Zeit?berschreitung der Anforderung.
30 * * * Zeit?berschreitung der Anforderung.
Ablaufverfolgung beendet.
after the first ip it says that it exceeds the time limit.
something running on 192.168.168.222 that is filtering the traffic to 192.168.101.2
Are you absolutely sure there is no firewall, i.e. windows firewall or anti-virus software that includes a firewall running on it?
Are you absolutely sure there is no firewall, i.e. windows firewall or anti-virus software that includes a firewall running on it?
a problem that i'm trying to access 192.168.168.222 from 192.168.101.2, because they have different subnets, i.e. the third part of numbers differ?
as much as i know i can access this ip from local PCs without a problem, on 192.168.168.222 an old linux distribution is running.
as much as i know i can access this ip from local PCs without a problem, on 192.168.168.222 an old linux distribution is running.
No problem there since we are talking about a router and routers route traffic from 1 subnet to another. On my 831 which is my home router, I have the peer default ip that I posted for you (192.16.101.2 - 192.168.101.22) and my office subnet is 10.1.81.0/24.
How old is the linux distro running on 192.168.168.222? Is it new enough to have iptables? If it is RedHat, you can temporarily kill the firewall by running:
Linux#service iptables stop
If it's another distro you may have to research it.
If it is running iptables, someone has obviously entered a rule to allow traffic from it's own subnet (192.168.168.0/24). If you can verify that that is the problem by temp. stopping iptables and testing, then a rule can be added to allow traffic from 192.168.101.0/24 which will cover the addresses assigned by the VPDN setup.
How old is the linux distro running on 192.168.168.222? Is it new enough to have iptables? If it is RedHat, you can temporarily kill the firewall by running:
Linux#service iptables stop
If it's another distro you may have to research it.
If it is running iptables, someone has obviously entered a rule to allow traffic from it's own subnet (192.168.168.0/24). If you can verify that that is the problem by temp. stopping iptables and testing, then a rule can be added to allow traffic from 192.168.101.0/24 which will cover the addresses assigned by the VPDN setup.
i don't know if there's a firewall running, the distro is suse but i don't know which version.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
