vpn client cisco 2821

Discussion in 'Cisco' started by seandandrews, Jul 6, 2008.

  1. seandandrews

    seandandrews

    Joined:
    Jul 6, 2008
    Messages:
    1
    I have tried numerous al variations but whenever I connect via cisco vpn client software I can only ping the router - no internal IPs. can someone take a look and revert?

    version 12.4
    no service pad
    service tcp-keepalives-in
    service timestamps debug datetime msec localtime
    service timestamps log datetime localtime
    no service password-encryption
    !
    hostname evocap-nyc0
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 50000 warnings
    no logging rate-limit
    no logging console
    enable password netq
    !
    aaa new-model
    !
    !
    aaa authentication login userauthen local
    aaa authorization network groupauthor local
    !
    aaa session-id common
    clock timezone EST -5
    clock summer-time EDT recurring
    no ip source-route
    !
    !
    ip cef
    no ip dhcp conflict logging
    !
    !
    ip auth-proxy max-nodata-conns 3
    ip admission max-nodata-conns 3
    ip dhcp-server 192.168.1.1
    !
    !
    voice-card 0
    no dspfarm
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    !
    username sean privilege 15 password 0 j^Mn0)*
    username netq privilege 15 password 0 netq
    username user password 0 cisco
    !
    !
    no ip ftp passive
    !
    !
    crypto isakmp policy 1
    encr 3des
    hash md5
    authentication pre-share
    group 2
    !
    crypto isakmp policy 10
    hash md5
    authentication pre-share
    group 2
    crypto isakmp key ClownToClown address 206.81.255.74
    !
    crypto isakmp client configuration group evo
    key l3tm31n!
    dns 192.168.1.5
    domain evocapman.com
    pool vpnusers
    acl 104
    !
    !
    crypto ipsec transform-set officeVPN esp-des esp-md5-hmac
    crypto ipsec transform-set myset esp-3des esp-md5-hmac
    !
    crypto dynamic-map dynmap 1
    set transform-set myset
    reverse-route
    !
    !
    crypto map clientmap client authentication list userauthen
    crypto map clientmap isakmp authorization list groupauthor
    crypto map clientmap client configuration address respond
    crypto map clientmap 1 ipsec-isakmp dynamic dynmap
    !
    crypto map officeVPN 10 ipsec-isakmp
    set peer 206.81.255.74
    set transform-set officeVPN
    match address 110
    !
    !
    !
    !
    interface Loopback0
    ip address 192.169.0.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    !
    interface GigabitEthernet0/0
    ip address 208.105.16.234 255.255.255.248
    ip nat outside
    ip virtual-reassembly
    ip policy route-map VPN-Client
    duplex auto
    speed auto
    crypto map clientmap
    !
    interface GigabitEthernet0/1
    ip address 192.168.1.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    no ip mroute-cache
    duplex auto
    speed auto
    !
    ip local pool vpnusers 10.10.10.100 10.10.10.199
    ip forward-protocol nd
    ip route 0.0.0.0 0.0.0.0 208.105.16.233
    !
    !
    ip http server
    ip http authentication local
    no ip http secure-server
    ip http timeout-policy idle 60 life 86400 requests 10000
    ip nat inside source list 103 interface GigabitEthernet0/0 overload
    ip nat inside source static tcp 192.168.1.6 3389 interface GigabitEthernet0/0 3389
    ip nat inside source static tcp 192.168.1.6 110 interface GigabitEthernet0/0 110
    ip nat inside source static tcp 192.168.1.6 80 interface GigabitEthernet0/0 80
    ip nat inside source static tcp 192.168.1.6 25 interface GigabitEthernet0/0 25
    ip nat inside source static tcp 192.168.1.6 21 interface GigabitEthernet0/0 21
    ip nat inside source static 192.168.1.6 208.105.16.237
    ip nat inside source static 192.168.1.5 208.105.16.238
    !
    ip access-list extended sean
    permit tcp any gt 1023 any eq smtp
    permit tcp any gt 1023 any eq www
    permit tcp any gt 1023 any eq pop3
    !
    access-list 102 deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
    access-list 102 permit ip 192.168.0.0 0.0.255.255 any
    access-list 103 deny ip 192.168.1.0 0.0.0.255 10.10.10.0 0.0.0.255
    access-list 103 permit ip 192.168.1.0 0.0.0.255 any
    access-list 104 deny ip 192.168.1.0 0.0.0.255 10.10.10.0 0.0.0.255
    access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
    access-list 150 deny ip 192.168.0.0 0.0.255.255 192.168.0.0 0.0.255.255
    access-list 150 permit ip 192.168.0.0 0.0.255.255 any
    access-list 154 permit ip any any
    access-list 161 permit ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
    !
    !
    !
    !
    control-plane
    !
    !
    !
    !
    !
    !
    !
    !
    !
    banner login ^CC
    ##########################################################################
    # #
    # *** AUTHORIZED USERS ONLY *** #
    # #
    # This is a private network. #
    # The unauthorized access, use or modification of this device, #
    # network, the data contained herein, or in transit to and from #
    # is a violation of federal, state, and local laws. #
    # You must have explicit permission to configure the device or #
    # or access the network. All activities on this device are #
    # logged and the network is monitored. Persons violating the #
    # system shall be prosecuted to the fullest extent permitted #
    # by law. #
    ##########################################################################
    ^C
    !
    line con 0
    line aux 0
    password frank
    no flush-at-activation
    line vty 0 4
    exec-timeout 60 0
    privilege level 15
    password input ssh
    no flush-at-activation
    transport input telnet
    !
    scheduler allocate 20000 1000
    ntp clock-period 17180871
    ntp server 199.125.189.34
    !
    end
    seandandrews, Jul 6, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. MP
    Replies:
    2
    Views:
    12,207
  2. jarcar
    Replies:
    0
    Views:
    565
    jarcar
    Feb 12, 2004
  3. Nick
    Replies:
    2
    Views:
    2,343
  4. D K
    Replies:
    4
    Views:
    441
  5. Ned
    Replies:
    0
    Views:
    524
Loading...

Share This Page