Cisco router as a PPTP Client

Hi all, i have read the following posting -
http://groups.google.com/group/comp.dcom.sys.cisco/msg/81d58c31469d558b
and have been trying to get this to run for the last few days, can
someone point me in the right direction please ?
it is running on a 871 router with the 870c-advipservices image,
connecting to a microsoft rras box.
the connection is temporally established then dropped as if there is
some sort of negotiation issue. I have tried this with connecting to a
cisco router at the other end and it worked fine, but for some reason
it just doesn't want to connect to a rras box. i have tried 3
different rras servers just to make sure.

The config is below, i have prob missed a couple of things -

Current configuration : 1624 bytes
version 12.4

no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal

hostname Router

boot-start-marker
boot-end-marker

logging message-counter syslog
no logging console

enable secret ######
enable password #####

no aaa new-model

dot11 syslog

ip source-route

no ip gratuitous-arps

ip cef
ip multicast-routing

no ipv6 cef

multilink bundle-name authenticated

vpdn enable

vpdn-group 1
request-dialin
protocol pptp
rotary-group 0
initiate-to ip ##.##.##.##

archive
log config
hidekeys

interface FastEthernet0

interface FastEthernet1
shutdown

interface FastEthernet2
shutdown

interface FastEthernet3
shutdown

interface FastEthernet4
no ip address
shutdown
duplex auto
speed auto

interface Vlan1
ip address 10.35.23.90 255.255.255.0
ip nat inside
ip virtual-reassembly

interface Dialer0
mtu 1450
ip address negotiated
ip pim dense-mode
encapsulation ppp
dialer in-band
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer-group 1
no cdp enable
ppp pfc local request
ppp pfc remote apply
ppp encrypt mppe auto
ppp chap hostname ###
ppp chap password 0 #####

ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.35.23.254
no ip http server
no ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

dialer-list 1 protocol ip permit

control-plane

line con 0
no modem enable
line aux 0
line vty 0 4
password ######
login

scheduler max-task-time 5000
end



Any help with this problem would be appreciated

 

| Hi all, i have read the following posting -
| http://groups.google.com/group/comp.dcom.sys.cisco/msg/81d58c31469d558b
| and have been trying to get this to run for the last few days, can
| someone point me in the right direction please ?
| it is running on a 871 router with the 870c-advipservices image,
| connecting to a microsoft rras box.
| the connection is temporally established then dropped as if there is
| some sort of negotiation issue. I have tried this with connecting to a
| cisco router at the other end and it worked fine, but for some reason
| it just doesn't want to connect to a rras box. i have tried 3
| different rras servers just to make sure.

Have you done anything about the usual RAS addressing problem described
in the last point of my discussion? If not, try "no peer neighbor-route"
on the dialer interface.

Dan Lanciani
[email protected]*com

 

On Sep 26, 1:24 pm, wrote:

Hi, i made a very similar configuration using the great Dan Lanciani's
2006 post (thanks Dan!)...

But I have some issues with ppp pfc compression, so i choose to
completely disable it.
Try to configure your dialer interface with

ppp pfc local forbid
ppp pfc remote reject

you can find "my" complete configuration here:
http://rizzitech.blogspot.com/2008/09/configuring-cisco-adsl-router-acting-as.html

i hope this helps ;-)
greetings from Italy

Marco Rizzi

 

| On Sep 26, 1:24=A0pm, wrote:
|
| Hi, i made a very similar configuration using the great Dan Lanciani's
| 2006 post (thanks Dan!)...
|
| But I have some issues with ppp pfc compression, so i choose to
| completely disable it.
| Try to configure your dialer interface with
|
| ppp pfc local forbid
| ppp pfc remote reject

Recent IOS versions give alignment errors when compressing the protocol
field over PPTP or L2TP (I assume because it moves everything by one
byte) so this is a good idea.

| you can find "my" complete configuration here:
| http://rizzitech.blogspot.com/2008/09/configuring-cisco-adsl-router-acting-=
| as.html

A couple of things about the comments:

-"service internal" isn't necessary to enable VPDNs in general but to
allow a request-dialin group to be part of a rotary group or dialer pool.

-"dialer idle-timeout" doesn't affect negotiation timeouts.

-"dialer group" refers to the dialer-list number, not to the rotary.

Dan Lanciani
[email protected]*com

 

I configure cisco router as PPTP client.


In router everything is ok (ping 8.8.8.8 is ok)
But
I can not ping 8.8.8.8 from pc. (ping 8.8.8.8 -----> Request timed out.)


show interfaces dialer 0
---->Internet address is 172.16.3.37/32


Plaese HELP ME



-----------------------------------------------------
(router to pptp server):
interface gig 0/0/0
ip address 10.96.174.225 255.255.254.0
no sh

(router to pc):
interface Gig 0/1
ip nat inside
ip address 172.21.2.1 255.255.255.0
no sh

(Pc):
172.21.2.2
255.255.255.0
172.21.2.1
------------------------------------------------------


Router :

service internal
vpdn enable

vpdn-group 1
request-dialin
protocol pptp
pool-member 1
initiate-to ip 31.24.238.222
ex

interface Dialer0
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
dialer idle-timeout 0
dialer string 123
dialer vpdn
dialer persistent
ppp chap hostname pptphostname
ppp chap password 0 pptppassword
ip nat outside
ex

ip route 0.0.0.0 0.0.0.0 Dialer0
ip route 31.24.238.222 255.255.255.255 10.96.174.1

dialer-list 1 protocol ip permit
ip nat inside source list 100 interface dialer 0 overload
access-list 100 permit ip any any

--------------------------------------------------------------------------------------


Router Config:

Router2921#show running-config

version 15.2
service config
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal

!
no aaa new-model
!
ip cef
!

no ipv6 cef
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group 1
request-dialin
protocol pptp
pool-member 1
initiate-to ip 31.24.238.222
!
!
!
!
license udi pid CISCO2921/K9 sn FGL172711NU
hw-module sm 1
!


!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0

!
interface GigabitEthernet0/1
ip address 172.21.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
ip address 10.96.175.30 255.255.254.0
ip virtual-reassembly in
!
interface GigabitEthernet0/1/0

!
interface GigabitEthernet1/0
no ip address
shutdown
!
interface GigabitEthernet1/1
description Internal switch interface connected to Service Module
no ip address
!
interface Vlan1
no ip address
!
interface Dialer1
ip address negotiated
ip access-group 101 in
ip access-group 101 out
ip nat outside
ip virtual-reassembly in
encapsulation ppp
dialer pool 1
dialer remote-name david
dialer idle-timeout 0
dialer string 1234
dialer persistent
dialer vpdn
dialer-group 1
ppp pfc local request
ppp pfc remote apply
ppp eap refuse
ppp chap hostname pptpusername
ppp chap password pptppassword
ppp ms-chap refuse
ppp pap refuse
no cdp enable
!
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip nat inside source list 100 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 31.24.238.0 255.255.255.0 10.96.174.1
!
access-list 100 permit ip any any
access-list 101 permit ip any any
dialer-list 1 protocol ip permit

--------------------------------------------------------------------------------------


Router2921#show ip nat translations
Pro Inside global Inside local Outside local Outside global
icmp 172.16.3.234:1 172.21.2.2:1 4.2.2.4:1 4.2.2.4:1
udp 172.16.3.234:51517 172.21.2.2:51517 4.2.2.4:53 4.2.2.4:53
udp 172.16.3.234:52168 172.21.2.2:52168 4.2.2.4:53 4.2.2.4:53
udp 172.16.3.234:52579 172.21.2.2:52579 4.2.2.4:53 4.2.2.4:53
tcp 172.16.3.234:58283 172.21.2.2:58283 2.22.144.112:80 2.22.144.112:80