Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
512
Views
0
Helpful
1
Replies

PPTP through 2610 router

networking
Level 1
Level 1

‎07-24-2007 11:47 AM - edited ‎03-03-2019 06:00 PM

Hi all. I have a branch location that needs its employees to have the ability to create PPTP VPN connections to connect to public servers, etc. The 2610 router currently has a box to box vpn connection to HQ. How can I allow all LAN nodes to pass the GRE and PPTP traffic? I don't have any access lists applied to the LAN interface.

crypto map nolan 9 ipsec-isakmp

set peer xx

set transform-set sharks

match address 153

crypto map nolan 10 ipsec-isakmp

set peer xx

set transform-set sharks

match address 101

!

!

!

!

!

!

interface Loopback1

ip address 170.1.1.97 255.255.255.0

!

interface Tunnel0

ip address 10.10.0.1 255.255.255.0

no ip route-cache

no ip mroute-cache

tunnel source xx

tunnel destination xx

crypto map nolan

!

interface Ethernet0/0

description xxx LAN

ip address 192.168.12.1 255.255.255.0

ip nat inside

no ip route-cache

no ip mroute-cache

!

!

interface Serial0/0.1 point-to-point

backup interface Async65

ip address 172.20.12.2 255.255.255.252

no ip route-cache

no ip mroute-cache

shutdown

frame-relay interface-dlci 300

!

interface Serial0/0.2 point-to-point

description Frame Relay to xxx

ip address 172.21.12.2 255.255.255.252

no ip route-cache

no ip mroute-cache

shutdown

frame-relay interface-dlci 200

!

interface Serial0/1

ip address xxx 255.255.255.252

no ip proxy-arp

ip nat outside

no ip mroute-cache

no fair-queue

crypto map nolan

!

interface Async65

no ip address

encapsulation ppp

keepalive 10

dialer in-band

dialer idle-timeout 900

dialer string xx

dialer-group 1

async default routing

async mode interactive

!

interface Group-Async1

ip unnumbered Ethernet0/0

ip mtu 1400

encapsulation ppp

no ip route-cache

no ip mroute-cache

dialer in-band

dialer idle-timeout 1200

dialer map ip 170.1.1.45 name dar01rt01ec

dialer map ip 170.1.1.49 name sas01rt01ec

dialer map ip 170.1.1.54 name wpg01rt01ec

dialer map ip 170.1.1.6 name tes01rt01ec

dialer map ip 170.1.1.7 name van01rt01ec

dialer map ip 170.1.1.13 name tof01rt01ec

dialer-group 1

async default routing

async mode dedicated

peer default ip address pool default

ppp authentication pap chap

group-range 33 48

!

interface Dialer1

no ip address

!

router eigrp 100

network 10.0.0.0

network 170.1.0.0

network 172.20.0.0

network 172.21.0.0

network 192.168.12.0

auto-summary

no eigrp log-neighbor-changes

!

ip local pool default 192.168.12.200 192.168.12.254

ip nat inside source route-map nonat interface Serial0/1 overload

ip classless

no ip forward-protocol udp netbios-ns

no ip forward-protocol udp netbios-dgm

ip forward-protocol udp netbios-ss

ip forward-protocol udp 42508

ip route 0.0.0.0 0.0.0.0 xxx

ip route 0.0.0.0 0.0.0.0 Async65 200

ip route 172.16.0.0 255.255.0.0 10.10.0.2

ip route 172.17.0.0 255.255.0.0 10.10.0.2

ip route 192.168.6.0 255.255.255.0 170.1.1.6 200

ip route 192.168.7.0 255.255.255.0 170.1.1.7 200

ip route 192.168.13.0 255.255.255.0 170.1.1.13 200

ip route 192.168.45.0 255.255.255.0 170.1.1.45 200

ip route 192.168.49.0 255.255.255.0 170.1.1.49 200

ip route 192.168.54.0 255.255.255.0 170.1.1.54 200

ip http server

ip radius source-interface Ethernet0/0

access-list 101 permit gre host xx host xx

access-list 102 permit ip host 192.168.12.207 any

access-list 102 permit ip any host 192.168.12.207

access-list 110 deny ip 192.168.12.0 0.0.0.255 172.16.0.0 0.0.255.255

access-list 110 deny ip 192.168.12.0 0.0.0.255 172.17.0.0 0.0.255.255

access-list 110 deny ip 192.168.12.0 0.0.0.255 192.168.102.0 0.0.0.255

access-list 110 permit ip 192.168.12.0 0.0.0.255 any

access-list 153 permit ip 192.168.12.0 0.0.0.255 192.168.102.0 0.0.0.255

access-list 199 permit ip host 192.168.12.207 any

access-list 199 permit ip any host 192.168.12.207

priority-list 1 protocol ip high

dialer-list 1 protocol ip permit

route-map nonat permit 10

match ip address 110

Labels:
0 Helpful
1 Reply 1

carenas123
Level 5
Level 5

‎07-31-2007 05:20 AM

The vpdn command implements the PPTP feature for inbound connections between the firewall and a Windows client. Point-to-Point Tunneling Protocol (PPTP) is a Layer 2 tunneling protocol, which lets a remote client use a public IP network to communicate securely with servers at a private corporate network.

For more information please click following URL:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a0080094a5a.shtml#maintask1

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card