Cisco 2514 pptp VPN server and NAT gateway

By b8bandy
Hi everyone:

Currently I'm setting up a Cisco 2514 as my NAT gateway at home. Its ethernet0 is connected to the internet and ethernet1 is connected to my LAN. Its IOS is c2500-JK8OS-L.12.2. I believe it supports encryption for this IOS, so I'm trying to apply the VPN functionality to my Cisco 2514 so that I can remotely access my LAN resources.
I have read several VPN materials from the internet. Below is one of the tutorials I have read.

www.parkansky.com/tutorials/pptp.htm

I have followed every step of the tutorial and created a VPN client on my Win2k machine using PPTP as the connection. When I try to connect the client to the VPN server, the client side keeps saying it can't be connected.

However, I just couldn't make the PPTP VPN connection work to access my LAN from the internet, so I would like to ask all the network professionals: is it impossible to set up a VPN server on a NAT gateway? The VPN only works when I turn off the NAT function by canceling nat out on my ethernet0. By the way, my internet is on 24/7 and the machines on my LAN have no problem accessing the internet.

Would any of you like to help me out, or have a look at my config for correction?

Thank you very much and have a good day.


hostname 22SHALLOWFORD
!
logging rate-limit console 10 except errors
enable secret 5 $1$t1/B$6lzwVVMM0wDHYfPyrAKmN/
!
ip subnet-zero
no ip finger

vpdn enable
vpdn-group VPN
accept-dialin
protocol pptp
virtual-template 1
exit

aaa new-model
aaa authentication ppp default local
username client password 0 testclient

ip local pool vpnpool 192.168.54.4 192.168.54.5


interface Virtual-Template1
ip unnumbered Ethernet1
encapsulation ppp
peer default ip address pool vpnpool
no keepalive
ppp encrypt mppe 40 re
ppp authentication ms-chap

ip name-server 64.71.255.198
ip name-server 4.2.2.2
ip dhcp excluded-address 192.168.54.1 192.168.54.5

ip dhcp pool lan
import all
network 192.168.54.0 255.255.255.240
default-router 192.168.54.1
dns-server 64.71.255.198 24.153.22.195 4.2.2.1 4.2.2.2
!
no ip dhcp-client network-discovery
!
!
!
!
interface Ethernet0
description this connects to the ISP
mac-address 0017.4235.dcc2
ip address dhcp
ip nat outside
no ip mroute-cache
!
interface Ethernet1
description this connects to the LAN
ip address 192.168.54.1 255.255.255.240
ip nat inside
no ip mroute-cache
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
!
ip kerberos source-interface any
ip nat inside source list 101 interface Ethernet0 overload
ip classless
ip http server
!
access-list 101 permit ip any any
!
banner motd ^CCCC
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Unauthorized Use Is Prohibited

All access to this device and network are logged. If
you do not own this device or have access you

must disconnect immediately

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
^C
!
line con 0
transport input none
line aux 0
transport input all
line vty 0 4
password class
login
!
ntp clock-period 17179729
ntp server 192.43.244.18 key 0 prefer
ntp server 131.107.1.10
ntp server 133.100.9.2
ntp server 203.139.30.195
end

This conversation is currently closed to new comments.
