07-27-2007 02:06 PM
Dear Guys...
I have two Routers One is connected to other through VPN on different cities...
VPN works well i m able to access the LAN on both sides... BUT I CAN NOT BROWSE THE INTERNET
this is the major problem in my network.....
How can i do it...
I have Router 1721 Cisco...
Thanks in Advance... Okies
Dear Guys I have the Router Configuration given below but i can not browse the internet while the VPN works well..
User Access Verification
Password:
hyderabad>en
Password:
hyderabad#show
hyderabad#show ru
hyderabad#show running-config
Building configuration...
Current configuration : 1818 bytes
!
version 12.3
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname hyderabad
!
boot-start-marker
boot-end-marker
!
enable password xxx
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
ip audit po max-events 100
no ip domain lookup
isdn switch-type basic-net3
!
!
!
!
!
!
!
interface Tunnel0
description link to karachi
ip address 192.16.10.21 255.255.255.252
load-interval 30
keepalive 5 3
tunnel source 203.x.129.243
tunnel destination 124.x.244.141
!
interface BRI0
description connected to internet
no ip address
ip nat outside
encapsulation ppp
dialer rotary-group 1
dialer-group 1
isdn switch-type basic-net3
isdn point-to-point-setup
no cdp enable
!
interface FastEthernet0
ip address 13.x.x.10 255.0.0.0
ip nat inside
speed auto
!
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
no ip split-horizon
dialer in-band
dialer string 13131212
dialer hold-queue 10
dialer load-threshold 10 outbound
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp chap hostname rdpmuhyd
ppp chap password xxx
ppp pap sent-username rdpmuhyd password xxx
ppp multilink
!
router rip
version 2
passive-interface Dialer1
network 13.0.0.0
no auto-summary
!
ip nat inside source list 1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 0.0.0.0
ip route 124.29.x.x.255.255.248 Dialer1
no ip http server
no ip http secure-server
!
access-list 1 permit 13.0.0.0 0.255.255.255
dialer-list 1 protocol ip permit
snmp-server community public RO
!
line con 0
exec-timeout 0 0
password xxx
login
line aux 0
line vty 0 4
password xxx
login
!
end
hyderabad#
hyderabad#
07-27-2007 11:12 PM
Hi,
Please modify the default route "ip route 0.0.0.0 0.0.0.0 0.0.0.0 " to reflect the actual next-hop for your internet.
HTH,
Mohammed Mahmoud.
07-28-2007 11:04 AM
Hi,
You should have make two changes:
ip nat inside source list 1 interface Dialer1 overload
Change it:
ip nat inside source list 101 interface Dialer1 overload
Same 101 statement sould have to allow into
dialer-list 101 protocol ip permit
Regards,
Dharmesh Purohit
07-28-2007 11:05 AM
Access-list also should be extended.
Dharmesh Purohit
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: