PPTP VPN with XP clients

Discussion in 'Cisco' started by johnedwardhall, Mar 24, 2007.

  1. Hi,
    I've a Cisco 1841 router and i'd like to route the PPTP clients so
    they can still see the web while connected to the VPN as at the moment
    they can't.

    Any idea's as to how to route that or what command i should be using ?
    or should i use another type of connection for them.

    aaa new-model
    aaa authentication login vpnauth group radius
    aaa authentication ppp default group radius local
    aaa authorization network default if-authenticated
    aaa authorization network vpnauth group radius
    aaa session-id common
    vpdn enable
    vpdn multihop
    vpdn logging
    vpdn logging user
    vpdn logging tunnel-drop
    vpdn ip udp ignore checksum
    vpdn search-order multihop-hostname
    vpdn-group PPTPGroup
    ! Default PPTP VPDN group
    protocol pptp
    virtual-template 10
    interface Virtual-Template10
    ip unnumbered FastEthernet0/0
    no ip redirects
    no ip unreachables
    no ip proxy-arp
    ip nat inside
    ip virtual-reassembly
    ip mroute-cache
    peer default ip address pool vpnpool
    ppp encrypt mppe 128 passive
    ppp authentication ms-chap ms-chap-v2
    ip local pool vpnpool
    radius-server host auth-port 1812 acct-port 1813 key keyword
    radius-server authorization default Framed-Protocol ppp
    radius-server vsa send accounting
    radius-server vsa send authentication
    johnedwardhall, Mar 24, 2007
  2. johnedwardhall

    Houston SBC Guest

    When setting up the the PPTP VPN on the XP box, go to the network tab, click
    on TCP/IP, then advanced--then clear use def gtwy on remote network.

    Hope this helps

    Digital Doug
    Houston SBC, Mar 25, 2007
  3. Yeah that works but i was hoping to find some way of using the router
    default gateway on the router still
    johnedwardhall, Mar 26, 2007
  4. johnedwardhall


    Nov 2, 2007
    Likes Received:
    I see that this is an old post, but you can't do split tunneling via pptp using a cisco product. YOU can however use route maps to send the internet bound traffic back to loopback and then out through the outbound interface. The problem with doing that is that all internet traffic will go through the vpn tunnel.
    danallen78, Nov 2, 2007
