06-01-2008 01:53 PM - edited 02-21-2020 03:45 PM
crypto ipsec client ezvpn TEST
connect auto
group Cisco key cisco123
mode client
peer 172.1.1.1
xauth userid mode interfactive
interface FastEthernet4
ip address 10.1.1.1 255.255.255.0
ip access-group 101 in
ip nat outside
crypto ipsec client ezvpn TEST
Internet Vlan1
ip address 192.168.1.1 255.255.255.0
ip access-group 100 out
ip nat inside
crypto ipsec client ezvpn TEST inside
ip route 0.0.0.0. 0.0.0.0 192.168.1.254
ip nat inside source route-map EzVPN1 interface FastEthernet4 overload
access-list 100 permit ip any any
access-list 101 permit ip any any
access-list 103 permit ip 192.168.1.0 0.0.0.255 any
route-map EzVPN1 permit 1
match ip address 103
These are the following commands I applied in my Router, It is able to connect but unable to access any other servers. The same user name & password I tried with the VPN dialer it works on my Laptop. Anything I am missing on the router configuration. The VPN server is Cisco PIX 515E.
Cisco IOS on 871W is 12.3(8)Y12
06-06-2008 06:43 PM
1) Isn't your default route supposed to be pointing towards the external interface?
ip route 0.0.0.0. 0.0.0.0 192.168.1.254 ?
2) Can you change the 'mode client' to 'mode network-extension'. Also the PIX will need 'nem enable'.
Have a look at the following (I'm assuming you already have as your config seems to be similar):
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080809222.shtml
For old 6.x code on PIX, have a look at:
Regards
Farrukh
06-22-2008 05:36 AM
Farrukh,
Thanks for responding, there wass BUG in the IOS which was installed on this device, after upgrading to the latest it started working.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide