
PPTP client not able to browse internet without split tunneling

zshadowcisco
Level 1

Hi all,

I want to configure an 871 router to act as a PPTP server, but the PPTP client (Win XP) should be able to access the Internet through the tunnel, and not with "split tunneling" (it means all traffic coming out from the Windows client should be tunneled).

In the PPTP client, I have checked the option "use default gateway on remote network" in TCP/IP properties, because the client should NOT access the Internet directly. I am able to establish the PPTP connection and access computers behind the 871, but it is not possible to browse the Internet.

I have configured the router like this:

vpdn-group 1
 accept-dialin
  protocol pptp
  virtual-template 1
...
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
...
interface Virtual-Template1
 ip address 192.168.2.1 255.255.255.0
 peer default ip address pool Pool-For-Vpn-Client
 ppp authentication chap ms-chap
...
ip local pool Pool-For-Vpn-Client 192.168.2.10 192.168.2.20
...
ip nat inside source list 100 interface FastEthernet4 overload
...
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any

The target is to tunnel all the traffic as if the PPTP client is in the LAN behind the 871. Unfortunately, the only solution is to do the split tunneling by allowing the PPTP client to uncheck the "use default gateway on remote network" option, which is not what I want :-)

Any ideas? I saw a lot of things on some newsgroups but they all want the opposite (VPN access, and internet access but not through the VPN tunnel).

Thanks,

Jason

1 Reply

zshadowcisco
Level 1

OK, I found the solution myself:

Because the client is connected to Virtual-Template1, I also have to add "ip nat inside" to Virtual-Template1, and "access-list 100 permit ip 192.168.2.0 0.0.0.255 any" to enable the NAT translation for packets coming from the VPN clients :-)

It was so obvious!

Jason
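A check for the condition described in the reply above, as an added example that is not part of the original posts: it reads an IOS config, finds interfaces that hand out a dial-in address pool, and reports when that pool would not be translated by the NAT overload rule. The function names and the destination 198.51.100.1 (a documentation address standing in for "the Internet") are assumptions, and only the `any` and `address wildcard` ACL forms used in the thread are parsed.

```python
import ipaddress
import re

# Constructed input: the config lines from the question, "..." elisions dropped.
ORIGINAL = """\
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
interface Virtual-Template1
 ip address 192.168.2.1 255.255.255.0
 peer default ip address pool Pool-For-Vpn-Client
ip local pool Pool-For-Vpn-Client 192.168.2.10 192.168.2.20
ip nat inside source list 100 interface FastEthernet4 overload
access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.1.0 0.0.0.255 any
"""
# The same config with the two changes from the reply applied.
FIXED = (ORIGINAL.replace(" peer default", " ip nat inside\n peer default")
         + "access-list 100 permit ip 192.168.2.0 0.0.0.255 any\n")

def _match(ip, tokens):
    """Test ip against one ACL address spec ('any' or 'addr wildcard')."""
    if tokens[0] == "any":
        return True, tokens[1:]
    addr, wild = (int(ipaddress.ip_address(t)) for t in tokens[:2])
    ip = int(ipaddress.ip_address(ip))
    return ((ip ^ addr) & ~wild & 0xFFFFFFFF) == 0, tokens[2:]

def acl_permits(cfg, acl, src, dst):
    """First-match evaluation of 'access-list N permit|deny ip ...' entries."""
    for m in re.finditer(rf"^access-list {acl} (permit|deny) ip (.+)$", cfg, re.M):
        src_ok, rest = _match(src, m.group(2).split())
        dst_ok, _ = _match(dst, rest)
        if src_ok and dst_ok:
            return m.group(1) == "permit"
    return False  # implicit deny: the packet is never translated

def audit(cfg, outside="198.51.100.1"):  # assumed stand-in for an Internet host
    """List reasons why dial-in pool addresses would not be NATed outbound."""
    acl = re.search(r"ip nat inside source list (\S+) interface", cfg).group(1)
    pools = {n: (a, b) for n, a, b in re.findall(r"ip local pool (\S+) (\S+) (\S+)", cfg)}
    findings = []
    for name, body in re.findall(r"^interface (\S+)\n((?: .*\n)*)", cfg, re.M):
        lines = [l.strip() for l in body.splitlines()]
        for pool in re.findall(r"peer default ip address pool (\S+)", body):
            if "ip nat inside" not in lines:
                findings.append(f"{name}: missing 'ip nat inside'")
            for a in pools[pool]:  # first and last address of the pool
                if not acl_permits(cfg, acl, a, outside):
                    findings.append(f"{name}: {a} not permitted by NAT ACL {acl}")
    return findings
```

`audit(ORIGINAL)` reports the missing `ip nat inside` and both pool endpoints falling through to the implicit deny; `audit(FIXED)` returns an empty list.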