ROUTER IS NOT ROUTING

Discussion in 'Cisco' started by kobenaw, Jan 20, 2011.

  1. kobenaw

    kobenaw

    Joined:
    Jan 20, 2011
    Messages:
    1
    I am trying to set up a dmvpn with cisco 1800 series but i cannot get past the first stage.

    1. I cannot get access to the internet after my configuration.
    2. Could it be because i am using Policy based routing and OSPF?

    Please find below my configuration. Any suggestions will be very much appreciated.

    Current configuration : 3323 bytes
    !
    version 12.4
    service timestamps debug datetime msec
    service timestamps log datetime msec
    no service password-encryption
    !
    hostname bostho
    !
    boot-start-marker
    boot-end-marker
    !
    no logging buffered
    enable secret 5 $1$sXYv$GBzoAUrMB9b5GfS7prkyT/
    !
    no aaa new-model
    dot11 syslog
    ip cef
    !
    !
    !
    !
    ip domain name hello.com.gh
    ip name-server 10.10.1.3
    ip name-server 80.87.78.11
    ip name-server 80.87.78.4
    ip name-server 10.10.11.5
    ip name-server 63.216.0.6
    !
    multilink bundle-name authenticated
    !
    !
    !
    !
    username bostho password 0 hello
    archive
    log config
    hidekeys
    !
    !
    crypto isakmp policy 5
    encr aes
    authentication pre-share
    group 2
    crypto isakmp key hello address 0.0.0.0 0.0.0.0
    crypto isakmp keepalive 20 3
    !
    !
    crypto ipsec transform-set trans2 esp-aes esp-sha-hmac
    mode transport
    !
    crypto ipsec profile bostprofile
    set transform-set trans2
    !
    !
    !
    !
    !
    !
    interface Tunnel0
    description CONNECTION TO BRANCHES
    bandwidth 1000
    ip address 10.10.100.1 255.255.255.0
    no ip redirects
    ip mtu 1436
    ip nhrp authentication hello
    ip nhrp map multicast dynamic
    ip nhrp network-id 100000
    ip nhrp holdtime 600
    ip ospf network broadcast
    ip ospf priority 2
    delay 1000
    tunnel source FastEthernet0/1
    tunnel mode gre multipoint
    tunnel key 100000
    tunnel protection ipsec profile bostprofile
    !
    interface FastEthernet0/0
    mtu 1492
    ip address 10.10.1.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452
    ip policy route-map honat
    duplex auto
    speed auto
    !
    interface FastEthernet0/1
    description $ETH-WAN$
    ip address xx.xx.54.99 255.255.255.248 secondary
    ip address xx.xx.54.100 255.255.255.248 secondary
    ip address xx.xx.54.98 255.255.255.248
    ip access-group 100 in
    ip nat outside
    ip virtual-reassembly
    duplex auto
    speed auto
    !
    router ospf 1
    log-adjacency-changes
    network 10.10.1.0 0.0.0.255 area 0
    network 10.10.100.0 0.0.0.255 area 1
    !
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 xx.xx.54.97
    ip http server
    no ip http secure-server
    ip nat inside source route-map honat interface FastEthernet0/1 overload
    ip nat inside source static tcp 10.10.1.8 80 xx.xx.54.99 80 extendable
    ip nat inside source static tcp 10.10.1.6 25 xx.xx.54.100 25 extendable
    ip nat inside source static tcp 10.10.1.6 80 xx.xx.54.100 80 extendable
    ip nat inside source static tcp 10.10.1.6 110 xx.xx.54.100 110 extendable
    ip nat inside source static tcp 10.10.1.6 443 xx.xx.54.100 443 extendable
    !
    access-list 10 permit 10.10.1.0 0.0.0.255
    access-list 100 permit udp any host xx.xx.54.98 eq isakmp
    access-list 100 permit esp any host xx.xx.54.98
    access-list 100 permit gre any host xx.xx.54.98
    access-list 100 permit ahp any host xx.xx.54.98
    access-list 100 permit tcp any host xx.xx.54.100 eq pop3
    access-list 100 permit tcp any host xx.xx.54.100 eq www
    access-list 100 permit tcp any host xx.xx.54.100 eq 443
    access-list 100 permit tcp any host xx.xx.54.100 eq smtp
    access-list 100 permit tcp any host xx.xx.54.99 eq www
    access-list 100 deny ip any any
    access-list 110 permit ip 10.10.1.0 0.0.0.255 any
    !
    !
    route-map honat permit 10
    match ip address 110
    set ip next-hop xx.xx.54.98
    set interface FastEthernet0/0
    !
    !
    !
    control-plane
    !
    !
    line con 0
    line aux 0
    line vty 0 4
    login local
    transport input telnet ssh
    scheduler allocate 20000 1000
    end
     
    kobenaw, Jan 20, 2011
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. bistri
    Replies:
    0
    Views:
    637
    bistri
    Nov 27, 2003
  2. GC

    router not routing

    GC, Jan 21, 2004, in forum: Cisco
    Replies:
    1
    Views:
    450
  3. zher
    Replies:
    2
    Views:
    9,178
  4. joeblow
    Replies:
    3
    Views:
    1,257
    Philip D'Ath
    Mar 14, 2005
  5. Sied@r
    Replies:
    3
    Views:
    8,593
    Sied@r
    Oct 20, 2005
Loading...

Share This Page