VPN doesn't work, not sure why....

Discussion in 'Cisco' started by Doug, Nov 17, 2003.

  1. Doug

    Doug Guest

    Here's the router's config:

    Router#sho run
    Building configuration...

    Current configuration:
    !
    version 12.0
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Router
    !
    enable password **************
    !
    ip subnet-zero
    ip name-server 168.215.165.186
    !
    !
    !
    interface Loopback0
    no ip address
    no ip directed-broadcast
    shutdown
    !
    interface Ethernet0
    description connected to EthernetLAN
    ip address 206.96.208.1 255.255.255.0
    no ip directed-broadcast
    ip nat inside
    !
    interface Ethernet1
    description connected to Internet
    ip address 64.132.234.18 255.255.255.240
    no ip directed-broadcast
    ip nat outside
    !
    interface Serial0
    no ip address
    no ip directed-broadcast
    no ip mroute-cache
    shutdown
    !
    interface Serial1
    no ip address
    no ip directed-broadcast
    shutdown
    !
    router rip
    version 1
    network 206.96.208.0
    network 206.97.207.0
    neighbor 206.96.207.80
    neighbor 206.96.208.80
    !
    ip nat inside source list 1 interface Ethernet1 overload
    ip nat inside source static tcp 206.96.208.10 1723 64.132.234.18 1723
    extendable
    ip classless
    ip route 0.0.0.0 0.0.0.0 64.132.234.17
    ip route 206.96.207.0 255.255.255.0 206.96.208.80
    !
    access-list 1 permit 206.96.208.0 0.0.0.255
    access-list 1 permit 206.96.207.0 0.0.0.255
    snmp-server community public RO
    snmp-server contact ***********************
    !
    line con 0
    exec-timeout 0 0
    password none
    login
    transport input none
    line aux 0
    line vty 0 4
    password none
    login
    !
    end
    The 206 is the internal IP, the 64 is the external.



    And here's the config I saw in the newsgroup to forward traffic on a
    particular port

    int e0/0
    desc This is the inside address using RFC address
    ip addr 10.1.1.1 255.255.255.0
    ip nat inside
    !
    int s0/0
    desc This goes to the ISP using assigned address x.x.x.1/30
    ip address x.x.x.1 255.255.255.252
    ip nat outside
    !
    ! Next line determines who will get to use the NAT
    ip access-list 1 permit 10.1.1.0 0.0.0.255
    !
    ! Next line assumes that you want to use one IP for everyone
    ! and use the port address translation. In your case, you could
    ! actually use one to one translation.
    !
    ip nat inside source list 1 interface serial0/0 overload
    !
    !Set up a static translation so you can telnet into your server
    !Assume your server is at 10.1.1.5
    !
    ip nat inside source static tcp 10.1.1.5 23 x.x.x.1 23
    !
    !or forward http traffic to your 10.1.1.4 server
    !
    ip nat inside source static tcp 10.1.1.4 80 x.x.x.1 80



    The only difference I see in the commands is the "no ip
    directed-broadcast" command. When trying to VPN into the
    64.132.234.18 address we get to the "Verifying Username & Password"
    point then it times out. From an internal PC I can VPN into the
    206.96.208.10 server address, and I can dial in via RRAS and get
    connected. So I'm guessing that I don't have something right in the
    router. Any help is appreciated.
     
    Doug, Nov 17, 2003
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.