• Creator
  • #2146347

    Can’t get EasyVpn to work Bellsouth DSL PPPoe Netopia 2241N-VG w/Cisco 851w


    by jerrydurden ·

    I am by no means a router guru, but I have had some experience performing simple configs, however I can’t get my 851w to VPN access to work with Bellsouth DSL PPPoe. I have a Netopia 2214N-VG that is bridged to my 851w. Internet access is working and I can ssh into it. However, some sites or slow and some only load half-way AND I can’t establish a VPN connection. Any help would be appreciated. Thanks ! Here is my config:

    !This is the running config of the router:
    version 12.4
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname CS851w
    enable secret 5 $1$SSi1$Z4YoW78K24ueywF87DvQd.
    enable password 7 151118480127282B
    aaa new-model
    aaa authentication login default local
    aaa authentication login CSREMOTES local
    aaa authorization exec default local
    aaa authorization network CSREMOTES local
    aaa session-id common
    resource policy
    clock timezone PCTime -6
    clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
    ip subnet-zero
    ip cef
    ip inspect name MYFW tcp
    ip inspect name MYFW udp
    ip domain name
    vpdn enable
    crypto pki trustpoint TP-self-signed-4233279387
    enrollment selfsigned
    subject-name cn=IOS-Self-Signed-Certificate-4233279387
    revocation-check none
    rsakeypair TP-self-signed-4233279387
    crypto pki certificate chain TP-self-signed-4233279387
    certificate self-signed 01
    30820245 308201AE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
    31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
    69666963 6174652D 34323333 32373933 3837301E 170D3038 30353032 30323335
    34305A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
    4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 32333332
    37393338 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
    8100D933 2D1BAA3B 7B11A825 ED63FA76 150F0A6F 967566A6 7070EFA0 A33E54D2
    023A5494 C68AA85B 187A7C58 8EC8DC39 79AEAF2E C7A11EE7 360CB979 5E76878E
    E8743CB5 4679BE5C CE6D0BCB BF9758C7 EDC93A80 67220800 1BA642D3 5AD1C98D
    9EB3F5F1 C48AED23 CA8764FB ABF2320F 180D58D2 5B410622 1E697B0B B566BA8D
    862B0203 010001A3 6D306B30 0F060355 1D130101 FF040530 030101FF 30180603
    551D1104 11300F82 0D435338 3531772E 43532E63 6F6D301F 0603551D 23041830
    168014A6 287EA022 347C4872 7221D126 1DB02286 903B0230 1D060355 1D0E0416
    0414A628 7EA02234 7C487272 21D1261D B0228690 3B02300D 06092A86 4886F70D
    01010405 00038181 00C375BC D45889E7 F56FC4AF 5D79BB0C C3384D07 E7ABD567
    D2C8D0A1 5907E6A7 8D90FEF2 249851DD 26D5AFF2 42B8573B 7F830E5F F21CA6C1
    340E8776 CD3070A7 609B5C4E 5D8C8621 8DFA8549 F8831BE4 EBFBC6CE 3C3C4971
    6FFA9A08 FD239C0B 34B3CFFC 4A9D662C 9C883F29 301ED491 F7C6A661 D5ED4075
    F2BD7788 A1B4FC9F 00
    username admin privilege 15 password 7 passwordgoeshere
    username csremote1 password 7 passwordgoeshere
    crypto isakmp policy 1
    encr 3des
    hash md5
    authentication pre-share
    group 2
    lifetime 36000
    crypto isakmp client configuration group CSREMOTES
    key 550Lobdell
    domain namegoeshere
    crypto ipsec security-association lifetime seconds 86400
    crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
    crypto dynamic-map remotemap 1
    set transform-set vpn1
    crypto map remotemap isakmp authorization list CSREMOTES
    crypto map remotemap client configuration address respond
    crypto map static-map 1 ipsec-isakmp dynamic remotemap
    bridge irb
    interface FastEthernet0
    spanning-tree portfast
    interface FastEthernet1
    spanning-tree portfast
    interface FastEthernet2
    spanning-tree portfast
    interface FastEthernet3
    spanning-tree portfast
    interface FastEthernet4
    no ip address
    duplex auto
    speed auto
    pppoe enable group global
    pppoe-client dial-pool-number 1
    no cdp enable
    interface Dot11Radio0
    no ip address
    encryption vlan 1 mode ciphers tkip
    encryption vlan 20 mode ciphers tkip
    ssid CS-WiFi
    vlan 1
    authentication open
    authentication key-management wpa
    wpa-psk ascii 7 014653547704040B244042
    speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
    channel 2462
    station-role root
    no cdp enable
    interface Dot11Radio0.1
    encapsulation dot1Q 1 native
    no snmp trap link-status
    bridge-group 1
    bridge-group 1 subscriber-loop-control
    bridge-group 1 spanning-disabled
    bridge-group 1 block-unknown-source
    no bridge-group 1 source-learning
    no bridge-group 1 unicast-flooding
    interface Vlan1
    description Internal Network
    no ip address
    ip nat inside
    ip virtual-reassembly
    bridge-group 1
    bridge-group 1 spanning-disabled
    interface Dialer1
    mtu 1492
    ip address negotiated
    ip access-group Internet-inbound-ACL in
    ip inspect MYFW out
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    ppp authentication chap pap callin
    ppp chap hostname
    ppp chap password mypassword
    ppp pap sent-username password mypassword
    ppp ipcp dns request
    ppp ipcp address accept
    crypto map static-map
    interface BVI1
    description Bridge to Internal Network
    ip address
    ip nat inside
    ip virtual-reassembly
    ip local pool remote_pool
    ip classless
    ip route Dialer1
    no ip http server
    ip http secure-server
    ip nat inside source list 1 interface Dialer1 overload
    ip nat inside source static tcp 25 interface Dialer1 25
    ip nat inside source static tcp 135 interface Dialer1 135
    ip nat inside source static tcp 143 interface Dialer1 143
    ip nat inside source static tcp 3389 interface Dialer1 3389
    ip nat inside source static tcp 443 interface Dialer1 443
    ip access-list extended Internet-inbound-ACL
    remark SDM_ACL Category=17
    permit tcp any any eq 3389
    permit udp any eq bootps any eq bootpc
    permit gre any any
    permit esp any any
    permit tcp any any eq 443
    permit tcp any any eq 22
    permit icmp any any
    permit tcp any any eq smtp
    permit tcp any any eq ftp
    permit tcp any any eq ftp-data
    permit tcp any any eq 1023
    access-list 1 permit
    dialer-list 1 protocol ip list 1
    bridge 1 route ip
    banner login ^CYou have reached a secure area! Unauthorized access is strictly prohibited!^C
    banner motd ^C
    You have reached a secure area! Unauthorized access / usage is strictly prohibited!^C
    line con 0
    exec-timeout 35791 0
    password 7 011015405E060500
    logging synchronous
    no modem enable
    line aux 0
    exec-timeout 35791 0
    line vty 0 4
    exec-timeout 35791 0
    password 7 06051C6549430A16
    logging synchronous
    transport input ssh
    scheduler max-task-time 5000

All Answers

Viewing 1 reply thread