Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
3
Replies

How To Allow Internet Browing On Cisco 1721 Routerq, Need Help

aslammemon
Level 1
Level 1

‎07-27-2007 02:06 PM

Dear Guys...

I have two Routers One is connected to other through VPN on different cities...

VPN works well i m able to access the LAN on both sides... BUT I CAN NOT BROWSE THE INTERNET

this is the major problem in my network.....

How can i do it...

I have Router 1721 Cisco...

Thanks in Advance... Okies

Dear Guys I have the Router Configuration given below but i can not browse the internet while the VPN works well..

User Access Verification

Password:

hyderabad>en

Password:

hyderabad#show

hyderabad#show ru

hyderabad#show running-config

Building configuration...

Current configuration : 1818 bytes

!

version 12.3

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname hyderabad

!

boot-start-marker

boot-end-marker

!

enable password xxx

!

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no aaa new-model

ip subnet-zero

ip cef

!

!

!

ip audit po max-events 100

no ip domain lookup

isdn switch-type basic-net3

!

!

!

!

!

!

!

interface Tunnel0

description link to karachi

ip address 192.16.10.21 255.255.255.252

load-interval 30

keepalive 5 3

tunnel source 203.x.129.243

tunnel destination 124.x.244.141

!

interface BRI0

description connected to internet

no ip address

ip nat outside

encapsulation ppp

dialer rotary-group 1

dialer-group 1

isdn switch-type basic-net3

isdn point-to-point-setup

no cdp enable

!

interface FastEthernet0

ip address 13.x.x.10 255.0.0.0

ip nat inside

speed auto

!

interface Dialer1

ip address negotiated

ip nat outside

encapsulation ppp

no ip split-horizon

dialer in-band

dialer string 13131212

dialer hold-queue 10

dialer load-threshold 10 outbound

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname rdpmuhyd

ppp chap password xxx

ppp pap sent-username rdpmuhyd password xxx

ppp multilink

!

router rip

version 2

passive-interface Dialer1

network 13.0.0.0

no auto-summary

!

ip nat inside source list 1 interface Dialer1 overload

ip classless

ip route 0.0.0.0 0.0.0.0 0.0.0.0

ip route 124.29.x.x.255.255.248 Dialer1

no ip http server

no ip http secure-server

!

access-list 1 permit 13.0.0.0 0.255.255.255

dialer-list 1 protocol ip permit

snmp-server community public RO

!

line con 0

exec-timeout 0 0

password xxx

login

line aux 0

line vty 0 4

password xxx

login

!

end

hyderabad#

hyderabad#

Labels:
0 Helpful
3 Replies 3

mohammedmahmoud
Level 11
Level 11

‎07-27-2007 11:12 PM

Hi,

Please modify the default route "ip route 0.0.0.0 0.0.0.0 0.0.0.0 " to reflect the actual next-hop for your internet.

HTH,

Mohammed Mahmoud.

0 Helpful

purohit_810
Level 5
Level 5

‎07-28-2007 11:04 AM

Hi,

You should have make two changes:

ip nat inside source list 1 interface Dialer1 overload

Change it:

ip nat inside source list 101 interface Dialer1 overload

Same 101 statement sould have to allow into

dialer-list 101 protocol ip permit

Regards,

Dharmesh Purohit

0 Helpful

purohit_810
Level 5
Level 5
In response to purohit_810

‎07-28-2007 11:05 AM

Access-list also should be extended.

Dharmesh Purohit

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents