Announcement

Collapse
No announcement yet.

[help] pptp vpn in cisco 1841

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [help] pptp vpn in cisco 1841

    what's wrong with my configuration PPTP VPN in cisco Router 1841 Series


    error message from win 7 to vpn client
    i46*tinypic*com/10oqlpx*png


    configuration :
    Code:
    version 12.4
    no service pad
    service tcp-keepalives-in
    service tcp-keepalives-out
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    service sequence-numbers
    !
    hostname Router
    !
    boot-start-marker
    boot system flash c1841-ipbasek9-mz.124-24.T.bin
    boot-end-marker
    !
    logging message-counter syslog
    enable secret 5 $1$eb9Q$7kMUF5Am0kVn/QXwssfrD/
    !
    aaa new-model
    !
    !
    aaa authentication login default local
    aaa authentication ppp default local
    aaa authorization network default local 
    !
    !
    aaa session-id common
    dot11 syslog
    no ip source-route
    !
    !
    !
    !
    ip cef    
    ip name-server 202.134.1.10
    ip name-server 202.134.0.155
    multilink bundle-name authenticated
    !         
    vpdn enable
    !         
    vpdn-group PPTP
    ! Default PPTP VPDN group
     accept-dialin
      protocol pptp
      virtual-template 1
    !         
    vpdn-group uin
     accept-dialin
      protocol pptp
      virtual-template 1
    !         
    !         
    !         
    !         
    !         
    username ala***in password 7 051B131C2A4343
    username fa***ul privilege 15 password 7 03520B59565F701C16594B51
    archive   
     log config
      hidekeys
    !         
    !         
    !         
    !         
    !         
    interface FastEthernet0/0
     ip address 222.124.x.181 255.255.255.224
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     ip flow ingress
     ip nat inside
     ip virtual-reassembly
     duplex auto
     speed auto
     no mop enabled
    !         
    interface FastEthernet0/1
     description ====LOCAL=====
     ip address 192.168.100.1 255.255.255.0
     ip access-group 100 in
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     ip flow ingress
     ip nat inside
     ip virtual-reassembly
     duplex auto
     speed auto
     no mop enabled
    !         
    interface Virtual-Template1
     description ##PPTP TUNNEL##
     ip unnumbered FastEthernet0/0
     no ip redirects
     no ip unreachables
     no ip proxy-arp
     peer default ip address pool PPTP_POOL
     no keepalive
     ppp authentication pap chap ms-chap
     ppp timeout idle 360
    !         
    ip local pool PPTP_POOL 192.168.101.110 192.168.101.125
    ip default-gateway 222.124.x.161
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 222.124.152.161
    !         
    no ip http server
    no ip http secure-server
    !         
    ip nat pool fahrul 222.124.x.181 222.124.x.181 prefix-length 29
    ip nat inside source list 77 pool fahrul overload
    !         
    access-list 23 permit 10.10.20.0 0.0.0.255
    access-list 77 permit 192.168.2.0 0.0.0.255
    access-list 100 remark auto generated by SDM firewall configuration
    access-list 100 remark SDM_ACL Category=1
    access-list 100 permit ip 192.168.100.0 0.0.0.255 any
    access-list 100 deny   ip host 255.255.255.255 any
    access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
    access-list 100 permit ip any any
    access-list 101 remark auto generated by SDM firewall configuration
    access-list 101 remark SDM_ACL Category=1
    access-list 101 permit udp host 203.197.12.30 eq domain host 121.243.96.154
    access-list 101 permit ip 10.10.20.0 0.0.0.255 192.168.100.0 0.0.0.255
    access-list 101 permit ip 10.10.10.0 0.0.0.255 192.168.100.0 0.0.0.255
    access-list 101 deny   ip 192.168.100.0 0.0.0.255 any
    access-list 101 deny   ip 10.0.0.0 0.255.255.255 any
    access-list 101 deny   ip 172.16.0.0 0.15.255.255 any
    access-list 101 deny   ip 192.168.0.0 0.0.255.255 any
    access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
    access-list 101 deny   ip host 255.255.255.255 any
    access-list 101 deny   ip host 0.0.0.0 any
    access-list 101 deny   ip any any log
    !         
    !         
    control-plane
    !         
    !         
    line con 0
    line aux 0
    line vty 0 4
     password 7 060506324F41
    !         
    scheduler allocate 20000 1000
    end

  • #2
    Re: [help] pptp vpn in cisco 1841

    I noticed in your config that you have nat "inside" assigned to your public facing interface? Should be ip nat outside.

    Also if you have any ACL's applied to that public facing interface you would need to allow tcp 1723 and protocol 47 GRE inbound.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: [help] pptp vpn in cisco 1841

      Originally posted by auglan View Post
      I noticed in your config that you have nat "inside" assigned to your public facing interface? Should be ip nat outside.

      Also if you have any ACL's applied to that public facing interface you would need to allow tcp 1723 and protocol 47 GRE inbound.
      So it's a great solution for my problem now is what is the best

      and whether there are other solutions or applications that can connect Microsoft (WIND * WS) in order to communicate with cisco VPN

      Comment


      • #4
        Re: [help] pptp vpn in cisco 1841

        Not sure what you are asking. Please state what your question is.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: [help] pptp vpn in cisco 1841

          if pptp that I make in this cisco vpn can use
          application from windows to remote client or can be connected to the cisco vpn.

          *hamachi such applications in windows 7 or cisco vpn client

          Comment


          • #6
            Re: [help] pptp vpn in cisco 1841

            Should be able to use any pptp client.
            CCNA, CCNA-Security, CCNP
            CCIE Security (In Progress)

            Comment


            • #7
              Re: [help] pptp vpn in cisco 1841

              Originally posted by auglan View Post
              Should be able to use any pptp client.
              I use ubuntu and android to be able to conect to pptp vpn cisco I've worked live on windows that have not worked, in because I do not encrypt the cisco are MPPE

              "pp encrypt mppe 128"

              Comment


              • #8
                Re: [help] pptp vpn in cisco 1841

                I have never had any luck with the windows vpn client connecting to a cisco gateway. Your mileage may vary with other clients. To be honest I dont use pptp. Normally these days it will be an ipsec or ssl vpn.
                CCNA, CCNA-Security, CCNP
                CCIE Security (In Progress)

                Comment


                • #9
                  Re: [help] pptp vpn in cisco 1841



                  please help why error vpn client in win 7 connect ting PPTP IPSEC

                  and what the purpose of the group authentication in pict can i see exampel config vpdn group password

                  Comment

                  Working...
                  X