Sign in to follow this  
Followers 0
alirezasooni

problem with PPTP VPN

1 post in this topic

Hi every body

 

I have configured my cisco 2911 as PPTP server, and my clients connect without any problem, but they cant have access my lan, when I see route print output on my windows there is no default route for vpn tunnel, I have used this configuration on another router and I can see the route,

here is my router configuration:

 

Router configuration:

Current configuration : 8038 bytes
!
! Last configuration change at 10:30:16 UTC Sun May 18 2014 by etickr
! NVRAM config last updated at 10:20:16 UTC Sun May 18 2014 by etickr
! NVRAM config last updated at 10:20:16 UTC Sun May 18 2014 by etickr
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname etick_edge
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
enable secret 4 nH4GhP.nqSkUTxuTQ7zHRXJezQoQ598XBK3LPOzQp3A
!
no aaa new-model
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
no ip domain lookup
ip domain name yourdomain.com
multilink bundle-name authenticated
!
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
l2tp tunnel timeout no-session 15
!

!
!
!
!
!
!

interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description local network
ip address 10.0.0.1 255.255.255.252
ip nat inside
ip virtual-reassembly in
ip policy route-map PBR
duplex auto
speed auto
!
interface GigabitEthernet0/1
ip address 46.x.x.x 255.255.255.224
ip mtu 1200
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/2
description shatel
ip address 192.168.130.22 255.255.255.0
ip mtu 1200
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
!
interface Virtual-Template1
ip unnumbered GigabitEthernet0/1
ip nat inside
ip virtual-reassembly in
peer default ip address pool tvm
ppp authentication pap chap ms-chap
!
ip local pool tvm 192.168.3.20 192.168.3.30
ip forward-protocol nd
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip nat inside source route-map ISP-RESPINA interface GigabitEthernet0/1 overload
ip nat inside source route-map ISP-SHATEL interface GigabitEthernet0/2 overload

ip route 0.0.0.0 0.0.0.0 46.209.221.65
ip route 0.0.0.0 0.0.0.0 192.168.130.1
ip route 10.0.1.0 255.255.255.252 10.0.0.2
ip route 192.168.0.0 255.255.255.0 10.0.0.2
ip route 192.168.2.0 255.255.255.0 10.0.0.2
ip route 192.168.110.0 255.255.255.0 10.0.0.2
!
ip access-list extended respina
permit ip any any
permit icmp any any
ip access-list extended shatel
permit ip host 192.168.0.161 any
permit ip host 192.168.0.132 any
permit ip host 192.168.0.75 any
permit ip host 192.168.0.153 any
permit ip host 192.168.0.160 any
permit ip host 192.168.0.164 any
permit ip host 192.168.0.39 any
permit ip host 192.168.0.47 any
permit ip host 192.168.0.187 any
permit ip host 192.168.0.76 any
ip access-list extended test
!
access-list 1 permit 192.168.0.0 0.0.0.255
access-list 1 permit 192.168.110.0 0.0.0.255
access-list 1 permit 192.168.3.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 46 permit 46.209.221.66
access-list 110 permit ip host 192.168.110.10 any
!
route-map ISP-RESPINA permit 10
match ip address 1
match interface GigabitEthernet0/1
!
route-map PBR permit 10
match ip address shatel
set ip next-hop 192.168.130.1
!
route-map PBR permit 30
match ip address respina
set ip next-hop 46.209.221.65
!
route-map ISP-SHATEL permit 10
match ip address 1
match interface GigabitEthernet0/2
!
!
!
control-plane
!
!
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0