Announcement

Collapse
No announcement yet.

[help] my clinet vpn not connect internet

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • [help] my clinet vpn not connect internet

    excuisme why my client can't internet access from my config


    (INTERNET)-------->[ROUTER]---->[CLINET]

    Clinet :
    Ubuntu LTS 12.04
    IP 192.168.100.2
    Netmas 255.255.255.0
    Gateway 192.168.100.1
    DNS Server 202.134.1.10

    Please help me

    what's wrong with my config
    hostname Router
    !
    boot-start-marker
    boot system flash c1841-ipbasek9-mz.124-24.T.bin
    boot-end-marker
    !
    logging message-counter syslog
    enable secret 5 $1$eb9Q$7kMUF5Am0kVn/QXwssfrD/
    !
    aaa new-model
    !
    aaa authentication login default local
    aaa authentication ppp default local
    aaa authorization network default local
    !
    aaa session-id common
    dot11 syslog
    no ip source-route
    !
    ip cef
    ip name-server 202.134.1.10
    ip name-server 202.134.0.155
    multilink bundle-name authenticated
    !
    vpdn enable
    !
    vpdn-group PPTP
    ! Default PPTP VPDN group
    accept-dialin
    protocol pptp
    virtual-template 1
    !
    username alauddin privilege 15 secret 5 $1$G03q$UwzLwisLrlanVnh6VCVZE.
    username fakhrul privilege 15 secret 5 $1$gOx9$FrpywAJZISgjnwBfs2nyj/
    archive
    log config
    hidekeys
    !
    interface FastEthernet0/0
    ip address 222.124.152.181 255.255.255.224
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    no mop enabled
    !
    interface FastEthernet0/1
    description ====LOCAL=====
    ip address 192.168.100.1 255.255.255.0
    ip access-group 100 in
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    ip nat inside
    ip virtual-reassembly
    duplex auto
    speed auto
    no mop enabled
    !
    interface Virtual-Template1
    description ##PPTP TUNNEL##
    ip unnumbered FastEthernet0/0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip flow ingress
    ip nat inside
    ip virtual-reassembly
    peer default ip address pool PPTP_POOL
    no keepalive
    ppp authentication pap chap ms-chap
    !
    ip default-gateway 222.124.152.161
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 222.124.152.161
    !
    no ip http server
    no ip http secure-server
    !
    ip nat pool fahrul 222.124.152.181 222.124.152.181 prefix-length 29
    ip nat inside source list 77 pool fahrul overload
    !
    access-list 23 permit 10.10.20.0 0.0.0.255
    !
    control-plane
    !
    line con 0
    line aux 0
    line vty 0 4
    !
    scheduler allocate 20000 1000
    end

  • #2
    Re: [help] my clinet vpn not connect internet

    i want to make this n VPN client i use GSM Modem


    but why my internal host client can't acces internet...
    I really appreciate your help

    Comment


    • #3
      Re: [help] my clinet vpn not connect internet

      Your nat pool references access-list 77 but I do not see that acl in your config.


      access-list 77 permit 192.168.100.0 0.0.0.255
      CCNA, CCNA-Security, CCNP
      CCIE Security (In Progress)

      Comment


      • #4
        Re: [help] my clinet vpn not connect internet

        Originally posted by auglan View Post
        Your nat pool references access-list 77 but I do not see that acl in your config.


        access-list 77 permit 192.168.100.0 0.0.0.255
        what do you think about this :
        ip nat pool indiapool 222.124.152.181 222.124.152.161 netmask 255.255.255.224
        ip nat inside source list fahrul pool firstpool overload

        ip access-list extended fahrul
        remark SDM_ACL Category=18
        deny ip 192.168.100.0 0.0.0.255 10.10.20.0 0.0.0.255
        deny ip 192.168.100.0 0.0.0.255 222.124.152.181 0.0.0.224
        deny ip 192.168.100.0 0.0.0.255 222.124.152.161 0.0.0.224
        deny ip 192.168.100.0 0.0.0.255 10.10.10.0 0.0.0.255
        permit ip 192.168.100.0 0.0.0.255 any

        whether it can be used as an acl

        Comment


        • #5
          Re: [help] my clinet vpn not connect internet

          Yes that could be used. The deny would exempt any traffic and permit anything else.
          CCNA, CCNA-Security, CCNP
          CCIE Security (In Progress)

          Comment


          • #6
            Re: [help] my clinet vpn not connect internet

            what do you think about this bro

            router rip
            network 192.168.100.0
            network 222.124.152.0

            Comment

            Working...
            X