Connecting to two vlans over vpn (1721)

Unanswered Question
Sep 3rd, 2010

I have two vlans configured on a 1721 router, Vlan 1 and Vlan 20. Remote computers are issued addresses from Vlan1 range and they  can rdp to computers in Vlan1. Why can't they ping or rdp to machines in Vlan 20? Any help will be appreciated.

Office#sh conf

Using 3788 out of 29688 bytes

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

hostname Office



enable secret xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

aaa new-model

aaa authentication ppp default local

aaa authorization network default if-authenticated

aaa session-id common

clock timezone GMT 1

mmi polling-interval 60

no mmi auto-configure

no mmi pvc

mmi snmp-timeout 180

no ip dhcp use vrf connected

ip dhcp excluded-address xxxxxxxxxxxxxxxxxxx

ip dhcp excluded-address xxxxxxxxxxxxxxxxxxx

ip dhcp pool INTERNAL1

   import all

   network xxxxxxxxxxxxxxxxxxxxxxxxx

   default-router xxxxxxxxxxxxxxxxxxxxx


   dns-server xxxxxxxxxxxxxxxxxxxxxxxxxxxxx

   lease infinite

ip dhcp pool 172-Network

   import all

   network xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

   default-router xxxxxxxxxxxxxxxxxxxxxxxx


   dns-server xxxxxxxxxxxxxxxxxxxxxxxxxx

   lease infinite

p cef

no ip domain lookup

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

vpdn enable

vpdn-group mygroup

vpdn-group myvpn

Default PPTP VPDN group


  protocol pptp

  virtual-template 1

crypto pki trustpoint TP-self-signed-213732786

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-213732786

revocation-check none

rsakeypair TP-self-signed-213732786

crypto pki certificate chain TP-self-signed-213732786

certificate self-signed 01 nvram:IOS-Self-Sig#3636.cer

spanning-tree uplinkfast

spanning-tree backbonefast

interface FastEthernet0

description Outside Network

ip address dhcp

ip access-group 110 in

ip nat outside

ip virtual-reassembly

no ip route-cache cef

no ip route-cache

no ip mroute-cache

speed auto


no cdp enable

interface FastEthernet1


switchport access vlan 20

vlan-id dot1q 1


vlan-id dot1q 20


interface FastEthernet2

vlan-id dot1q 20


spanning-tree portfast

interface FastEthernet3

vlan-id dot1q 20


interface FastEthernet4

description Private Network

vlan-id dot1q 1


interface Virtual-Template1

ip unnumbered FastEthernet0

peer default ip address pool DIAL-IN

ppp encrypt mppe auto required

ppp authentication ms-chap ms-chap-v2

interface Vlan1

ip address xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ip nat inside

ip virtual-reassembly

hold-queue 100 out

interface Vlan20

ip address xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ip nat inside

ip virtual-reassembly

router ospf 1


router ospf 1


passive-interface FastEthernet0

network xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx area 0

network xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx area 0

ip local pool DIAL-IN xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ip forward-protocol nd

ip route xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

ip http authentication local

ip http secure-server

ip nat inside source list 101 interface FastEthernet0 overload

access-list 101 permit ip xxxxxxxxxxxxxxxxxx any

access-list 101 permit ip xxxxxxxxxxxxxxxxx any

access-list 110 permit ip any any


alias exec s sh ip int brief

alias exec sipr sh ip route

line con 0

exec-timeout 0 0

logging synchronous

line aux 0

line vty 0 4

exec-timeout 0 0

password 7 00000000

logging synchronous

transport input telnet ssh


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion