Question

Locked

Cisco Router 1841

By alsolaih ·
I'm using Cisco router 1841 and this is my config:
hostname INMAIA-JED
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
ip name-server x.x.x.x
ip name-server x.x.x.x
!
username xxxx privilege 15 password 0 xxxx
!
!
!
interface FastEthernet0/0
description ***** Mobily 1 Mb Link (Silver) *****
ip address x.x.x.x 255.255.255.252
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
description **** TO LAN ****
ip address x.x.x.x 255.255.255.248 secondary
ip address 192.168.1.10 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
!
ip http server
ip nat inside source list natlist interface FastEthernet0/0 overload
!
ip access-list extended natlist
permit ip 192.168.1.0 0.0.0.255 any
!
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
login local
!
end

Internet is working fine, but we're facing some problem in connecting by VPN Client to HO.
Is this configuration for the router is correct or we need to add some commands to allow all trafic from local network.

Thanks

This conversation is currently closed to new comments.

9 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

Clarifications

Collapse -
by robo_dev

What's a 'HO'?

Is your VPN client on the local 192.x.x.x network listed above?

What sort of VPN client? What ports is it using?

What sort of problem or error is VPN client having?

Can you ping and/or connect to HO VPN from another site?

If it's a port 443 SSL VPN, it should work without anything special.

Collapse -
by seanferd

Is HO Home Office?

All Answers

Collapse -

loopback address

by jmcnunes In reply to Cisco Router 1841

is there any standard for putting IP Loopbak Address?
ie: interface Loopback0
ip address 172.16.1.1 255.255.255.255

what is the IP Loopback address for router 2 and router 3 in different location?

thanks,

Collapse -

HO?

by alsolaih In reply to Cisco Router 1841

What's a 'HO'?
Head Office
Is your VPN client on the local 192.x.x.x network listed above?
Yes
What sort of VPN client? What ports is it using?
Cisco systems VPN clients version 5.0.07
What sort of problem or error is VPN client having?
VPN is connected, but we can't ping the application server there. we're using this software in many and every thing is fine. only this branch has a problem.
Can you ping and/or connect to HO VPN from another site?
Yes

Collapse -

Reponse To Answer

by NetMan1958 In reply to HO?

The router config you posted doesn't show any VPN configuration so it must not be the VPN device at HO. What device is being used as the VPN device and where is it located in the network?

Collapse -

VPN Device

by alsolaih In reply to Cisco Router 1841

The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where.

thanks

Collapse -

Secondary IP

by NetMan1958 In reply to Cisco Router 1841

What is the purpose of the secondary IP under interface FastEthernet0/1? Is it a public or private IP and does your default route "ip route 0.0.0.0 0.0.0.0 x.x.x.x" point to it or interface FastEthernet0/0 ?

Collapse -

ASA Firewall vs. Cisco router roles

by Starrdaark In reply to Cisco Router 1841

Unlikely (one can only hope) you're still having this same connectivity issue, but just in case...

In your (alsolaih) last post you stated, "The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where" yet your original post on this thread was entitled "Cisco Router 1841" with accompanying configuration.

The question which needs to be answered pertains to the reason you are attempting to configure the Cisco box at your remote/branch location when you stated all connections to the "HO" are performed via VPN client. When you say "client", I assume you're using either a web-browser based SSL connection or some sort of proprietary client interface. As such, in such circumstances it is common for the branch location not to need a VPN router functioning as an end-point to use a client connection. This is particularly true when considering you're not running Cisco gear on both ends.

So once again, the fundamental question is, "Why are you configuring your Cisco box for VPN?"

Back to Networks Forum
9 total posts (Page 1 of 1)  

Hardware Forums