Questions

Cisco Router 1841

Tags:
+
1 Votes
Locked

Cisco Router 1841

alsolaih
I'm using Cisco router 1841 and this is my config:
hostname INMAIA-JED
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
ip cef
!
!
no ip dhcp use vrf connected
!
!
ip name-server x.x.x.x
ip name-server x.x.x.x
!
username xxxx privilege 15 password 0 xxxx
!
!
!
interface FastEthernet0/0
description ***** Mobily 1 Mb Link (Silver) *****
ip address x.x.x.x 255.255.255.252
ip nat outside
duplex auto
speed auto
!
interface FastEthernet0/1
description **** TO LAN ****
ip address x.x.x.x 255.255.255.248 secondary
ip address 192.168.1.10 255.255.255.0
ip nat inside
duplex auto
speed auto
!
ip classless
ip route 0.0.0.0 0.0.0.0 x.x.x.x
!
ip http server
ip nat inside source list natlist interface FastEthernet0/0 overload
!
ip access-list extended natlist
permit ip 192.168.1.0 0.0.0.255 any
!
!
control-plane
!
!
line con 0
login local
line aux 0
line vty 0 4
login local
!
end

Internet is working fine, but we're facing some problem in connecting by VPN Client to HO.
Is this configuration for the router is correct or we need to add some commands to allow all trafic from local network.

Thanks

Clarifications

robo_dev

What's a 'HO'?

Is your VPN client on the local 192.x.x.x network listed above?

What sort of VPN client? What ports is it using?

What sort of problem or error is VPN client having?

Can you ping and/or connect to HO VPN from another site?

If it's a port 443 SSL VPN, it should work without anything special.

seanferd

Is HO Home Office?

  • +
    1 Votes
    jmcnunes

    is there any standard for putting IP Loopbak Address?
    ie: interface Loopback0
    ip address 172.16.1.1 255.255.255.255

    what is the IP Loopback address for router 2 and router 3 in different location?

    thanks,

    +
    1 Votes

    HO?

    alsolaih

    What's a 'HO'?
    Head Office
    Is your VPN client on the local 192.x.x.x network listed above?
    Yes
    What sort of VPN client? What ports is it using?
    Cisco systems VPN clients version 5.0.07
    What sort of problem or error is VPN client having?
    VPN is connected, but we can't ping the application server there. we're using this software in many and every thing is fine. only this branch has a problem.
    Can you ping and/or connect to HO VPN from another site?
    Yes

    +
    0 Votes
    NetMan1958

    The router config you posted doesn't show any VPN configuration so it must not be the VPN device at HO. What device is being used as the VPN device and where is it located in the network?

    +
    1 Votes
    alsolaih

    The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where.

    thanks

    +
    1 Votes
    NetMan1958

    What is the purpose of the secondary IP under interface FastEthernet0/1? Is it a public or private IP and does your default route "ip route 0.0.0.0 0.0.0.0 x.x.x.x" point to it or interface FastEthernet0/0 ?

    +
    0 Votes
    Starrdaark

    Unlikely (one can only hope) you're still having this same connectivity issue, but just in case...

    In your (alsolaih) last post you stated, "The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where" yet your original post on this thread was entitled "Cisco Router 1841" with accompanying configuration.

    The question which needs to be answered pertains to the reason you are attempting to configure the Cisco box at your remote/branch location when you stated all connections to the "HO" are performed via VPN client. When you say "client", I assume you're using either a web-browser based SSL connection or some sort of proprietary client interface. As such, in such circumstances it is common for the branch location not to need a VPN router functioning as an end-point to use a client connection. This is particularly true when considering you're not running Cisco gear on both ends.

    So once again, the fundamental question is, "Why are you configuring your Cisco box for VPN?"

  • +
    1 Votes
    jmcnunes

    is there any standard for putting IP Loopbak Address?
    ie: interface Loopback0
    ip address 172.16.1.1 255.255.255.255

    what is the IP Loopback address for router 2 and router 3 in different location?

    thanks,

    +
    1 Votes

    HO?

    alsolaih

    What's a 'HO'?
    Head Office
    Is your VPN client on the local 192.x.x.x network listed above?
    Yes
    What sort of VPN client? What ports is it using?
    Cisco systems VPN clients version 5.0.07
    What sort of problem or error is VPN client having?
    VPN is connected, but we can't ping the application server there. we're using this software in many and every thing is fine. only this branch has a problem.
    Can you ping and/or connect to HO VPN from another site?
    Yes

    +
    0 Votes
    NetMan1958

    The router config you posted doesn't show any VPN configuration so it must not be the VPN device at HO. What device is being used as the VPN device and where is it located in the network?

    +
    1 Votes
    alsolaih

    The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where.

    thanks

    +
    1 Votes
    NetMan1958

    What is the purpose of the secondary IP under interface FastEthernet0/1? Is it a public or private IP and does your default route "ip route 0.0.0.0 0.0.0.0 x.x.x.x" point to it or interface FastEthernet0/0 ?

    +
    0 Votes
    Starrdaark

    Unlikely (one can only hope) you're still having this same connectivity issue, but just in case...

    In your (alsolaih) last post you stated, "The VPN device (ASA firewall 5510)is located in head office, and we can use the VPN client from any where" yet your original post on this thread was entitled "Cisco Router 1841" with accompanying configuration.

    The question which needs to be answered pertains to the reason you are attempting to configure the Cisco box at your remote/branch location when you stated all connections to the "HO" are performed via VPN client. When you say "client", I assume you're using either a web-browser based SSL connection or some sort of proprietary client interface. As such, in such circumstances it is common for the branch location not to need a VPN router functioning as an end-point to use a client connection. This is particularly true when considering you're not running Cisco gear on both ends.

    So once again, the fundamental question is, "Why are you configuring your Cisco box for VPN?"