vpn on Cisco 804

Discussion in 'Cisco' started by Paul, Jul 9, 2004.

  1. Paul

    Paul Guest

    Hi,

    My question may have already een answered in a ealier post. I have a cosco
    804 router running IOS 12.0. I am trying to establish a static nat entry for
    VPN (1723).

    When i enter the command:
    ip nat inside source static tcp 10.0.0.2 1723 interface Dialer1 1723

    It fails to accept it. It does not seem to like the fact I am using the
    Dialer1 interface as the global ip.

    Can anyone see what is wrong? Here follows the config

    Current configuration:
    !
    version 12.0
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname pryoreb
    !
    enable secret 5 $1$C8Hw$L5vkda2PaexDw6bB789//.
    !
    username {removed} password 7 06160A23581D5F40
    !
    dial-peer voice 1 pots
    call-waiting
    ring 0
    port 1
    destination-pattern 2922562
    !
    dial-peer voice 2 pots
    call-waiting
    ring 0
    port 2
    destination-pattern 2922563
    !
    pots country US
    ip subnet-zero
    no ip source-route
    !
    isdn switch-type basic-ni
    !
    !
    !
    interface Ethernet0
    ip address 10.1.1.1 255.0.0.0
    no ip directed-broadcast
    no ip proxy-arp
    ip nat inside
    !
    interface BRI0
    no ip address
    no ip directed-broadcast
    encapsulation ppp
    dialer pool-member 1
    isdn switch-type basic-ni
    isdn spid1 {removed - all working}
    isdn spid2 {removed - all working}
    isdn incoming-voice modem
    ppp authentication chap pap callin
    ppp chap hostname pryor
    ppp multilink
    !
    interface Dialer1
    description ISP
    ip address negotiated
    no ip directed-broadcast
    no ip proxy-arp
    ip nat outside
    encapsulation ppp
    no ip split-horizon
    dialer remote-name bach
    dialer string {removed} class Dialclass
    dialer hold-queue 10
    dialer load-threshold 10 either
    dialer pool 1
    dialer-group 1
    ppp authentication chap pap callin
    ppp chap hostname {removed}
    ppp chap password {removed}
    ppp pap sent-username {removed} password {removed}
    ppp multilink
    !
    ip nat inside source list 18 interface Dialer1 overload
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer1
    !
    !
    map-class dialer DialClass
    dialer isdn speed 56
    access-list 18 permit 10.0.0.0 0.255.255.255
    dialer-list 1 protocol ip permit
    !
    line con 0
    exec-timeout 120 0
    transport input none
    stopbits 1
    line vty 0 4
    exec-timeout 0 0
    password 7 010303064F585056
    login local
    !
    end

    pryoreb#


    The above config works fine. I just cannot enter the static nat.

    Any help would be greatly appreciated

    Paul
     
    Paul, Jul 9, 2004
    #1
    1. Advertising

  2. Paul

    PES Guest

    I don't think the ability to static nat to an interface was introduced until
    12.2.

    "Paul" <> wrote in message
    news:40eebd47$1@wallace....
    > Hi,
    >
    > My question may have already een answered in a ealier post. I have a cosco
    > 804 router running IOS 12.0. I am trying to establish a static nat entry

    for
    > VPN (1723).
    >
    > When i enter the command:
    > ip nat inside source static tcp 10.0.0.2 1723 interface Dialer1 1723
    >
    > It fails to accept it. It does not seem to like the fact I am using the
    > Dialer1 interface as the global ip.
    >
    > Can anyone see what is wrong? Here follows the config
    >
    > Current configuration:
    > !
    > version 12.0
    > no service pad
    > service timestamps debug uptime
    > service timestamps log uptime
    > service password-encryption
    > !
    > hostname pryoreb
    > !
    > enable secret 5 $1$C8Hw$L5vkda2PaexDw6bB789//.
    > !
    > username {removed} password 7 06160A23581D5F40
    > !
    > dial-peer voice 1 pots
    > call-waiting
    > ring 0
    > port 1
    > destination-pattern 2922562
    > !
    > dial-peer voice 2 pots
    > call-waiting
    > ring 0
    > port 2
    > destination-pattern 2922563
    > !
    > pots country US
    > ip subnet-zero
    > no ip source-route
    > !
    > isdn switch-type basic-ni
    > !
    > !
    > !
    > interface Ethernet0
    > ip address 10.1.1.1 255.0.0.0
    > no ip directed-broadcast
    > no ip proxy-arp
    > ip nat inside
    > !
    > interface BRI0
    > no ip address
    > no ip directed-broadcast
    > encapsulation ppp
    > dialer pool-member 1
    > isdn switch-type basic-ni
    > isdn spid1 {removed - all working}
    > isdn spid2 {removed - all working}
    > isdn incoming-voice modem
    > ppp authentication chap pap callin
    > ppp chap hostname pryor
    > ppp multilink
    > !
    > interface Dialer1
    > description ISP
    > ip address negotiated
    > no ip directed-broadcast
    > no ip proxy-arp
    > ip nat outside
    > encapsulation ppp
    > no ip split-horizon
    > dialer remote-name bach
    > dialer string {removed} class Dialclass
    > dialer hold-queue 10
    > dialer load-threshold 10 either
    > dialer pool 1
    > dialer-group 1
    > ppp authentication chap pap callin
    > ppp chap hostname {removed}
    > ppp chap password {removed}
    > ppp pap sent-username {removed} password {removed}
    > ppp multilink
    > !
    > ip nat inside source list 18 interface Dialer1 overload
    > ip classless
    > ip route 0.0.0.0 0.0.0.0 Dialer1
    > !
    > !
    > map-class dialer DialClass
    > dialer isdn speed 56
    > access-list 18 permit 10.0.0.0 0.255.255.255
    > dialer-list 1 protocol ip permit
    > !
    > line con 0
    > exec-timeout 120 0
    > transport input none
    > stopbits 1
    > line vty 0 4
    > exec-timeout 0 0
    > password 7 010303064F585056
    > login local
    > !
    > end
    >
    > pryoreb#
    >
    >
    > The above config works fine. I just cannot enter the static nat.
    >
    > Any help would be greatly appreciated
    >
    > Paul
    >
    >
     
    PES, Jul 11, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Kevin Pierce
    Replies:
    1
    Views:
    2,050
    kingraj
    May 9, 2007
  2. RC
    Replies:
    1
    Views:
    2,002
    Bob Willey
    Jul 23, 2003
  3. JShepherd
    Replies:
    0
    Views:
    636
    JShepherd
    Jul 22, 2003
  4. Bob Willey
    Replies:
    0
    Views:
    1,423
    Bob Willey
    Jul 25, 2003
  5. David
    Replies:
    5
    Views:
    1,504
    Uli Link
    Jun 26, 2005
Loading...

Share This Page