
2 Internet Connections + VPN

junshah22
Level 1

I am trying to run two Internet connections on my Cisco 1811 router. One, with a live IP, will be used for VPN; VPN users will connect to servers in the DMZ, and this link will be dedicated to it.

The second one will be used for general Internet surfing.

Please see the configuration below and the attached network diagram.

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname MTL-1811
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1xxxxxxxxxxxxxxxxxI/
aaa new-model
!
aaa authentication login userauthen local
aaa authorization network groupauthor local
aaa session-id common
!
resource policy
ip cef
!
ip domain name millat.com.pk
ip name-server 10.16.6.11
ip name-server 10.16.7.12
ip name-server 203.99.163.240
!
username Junaid privilege 15 secret 5 $1xxxxxxxxxxxxxxxxxxx0
crypto isakmp policy 3
 encr 3des
 authentication pre-share
 group 2
crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp key cisco123 address 58.27.233.210 no-xauth
!
crypto isakmp client configuration group vpnclient
 key cisco123
 dns 192.168.1.17
 wins 192.168.1.17
 domain millat.com.pk
 pool ippool
 acl 111
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto dynamic-map dynmap 10
 set transform-set myset
!
crypto map clientmap client authentication list userauthen
crypto map clientmap isakmp authorization list groupauthor
crypto map clientmap client configuration address respond
crypto map clientmap 1 ipsec-isakmp
 ! Incomplete
 set peer 58.27.233.210
 set transform-set myset
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
interface FastEthernet0
 ip address 192.168.95.65 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface FastEthernet1
 ip address 58.27.232.18 255.255.255.248
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
 crypto map clientmap
interface FastEthernet2
!
interface FastEthernet9
!
interface Vlan1
 ip address 192.168.74.1 255.255.255.0
 ip access-group Internet in
 ip nat inside
 ip virtual-reassembly
 ip policy route-map send_vpn
!
interface Async1
 no ip address
 encapsulation slip
!
ip local pool ippool 192.168.55.100 192.168.55.200
ip route 0.0.0.0 0.0.0.0 192.168.95.1
ip route 58.27.232.16 255.255.255.248 192.168.55.0
ip route 192.168.1.0 255.255.255.0 192.168.74.2
ip route 192.168.2.0 255.255.255.0 192.168.74.2
ip route 192.168.10.0 255.255.255.0 192.168.74.2
ip route 192.168.11.0 255.255.255.0 192.168.74.2
ip route 192.168.12.0 255.255.255.0 192.168.74.2
!
no ip http server
no ip http secure-server
ip nat inside source list deny_vpn_go_nat interface FastEthernet0 overload
ip nat inside source route-map send_vpn interface FastEthernet1 overload
ip nat inside source static tcp 192.168.74.1 23 interface FastEthernet1 23
!
ip access-list extended Internet
 permit ip host 10.16.6.11 any
 permit ip host 10.16.7.12 any
 permit ip any host 66.241.216.167
 permit ip 192.168.74.0 0.0.0.255 any
 permit ip 192.168.20.0 0.0.0.255 any
 permit ip 192.168.11.0 0.0.0.255 any
 permit ip 192.168.1.0 0.0.0.255 any
 permit ip 192.168.2.0 0.0.0.255 any
 permit ip any host 203.215.177.36
 permit ip 192.168.12.0 0.0.0.255 any
 permit ip host 192.168.5.10 host 67.59.144.177
ip access-list extended deny_vpn_go_nat
 deny ip 192.168.74.0 0.0.0.255 192.168.20.0 0.0.3.255
 deny ip 192.168.74.0 0.0.0.255 192.168.55.0 0.0.0.255
 deny ip 192.168.1.0 0.0.0.255 any
 permit ip any any
ip access-list extended id_vpn
 permit ip 192.168.74.0 0.0.0.255 192.168.55.0 0.0.0.255
 permit ip 192.168.1.0 0.0.0.255 any
!
access-list 111 permit ip 192.168.1.0 0.0.0.255 192.168.55.0 0.0.0.255
access-list 111 permit ip 192.168.74.0 0.0.0.255 192.168.55.0 0.0.0.255
route-map send_vpn permit 10
 match ip address id_vpn
 set ip next-hop 58.27.232.17
webvpn context Default_context
 ssl authenticate verify all

2 Replies

richard.tetu
Level 1

What is the subject of your thread?

Richard

What do you mean???