×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

PPTP VPN for select traffic and the rest using the internet.

Unanswered Question
Jun 22nd, 2012
User Badges:

Hi,


I wish to connect my 2651XM to the internet and also have a PPTP VPN from the router to a commercial VPN provider (

184.22.182.11) with only select sites to use the VPN. I am having difficulty working out the routing.


10.0.0.0 is the LAN subnet

10.0.0.22 is a test pc

192.168.0.250 is the WAN ip (connecting in the back of an existing Router/Modem 192.168.0.254)

184.22.182.11 is the VPN Provider IP

8.8.8.8 is the server to test pinging against that should use the VPN tunnel and not the 'internet'


Relatively new to this whole thing..and some help would be greatly appreciated. Thanks



version 12.4

service config

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

service internal

!

hostname Core-Router

!

boot-start-marker

boot-end-marker

!

no logging buffered

enable secret 5 XXXXXXXXXXXXXXXXXXXXX

enable password XXXXXXXXXXXXXXX

!

no aaa new-model

no network-clock-participate slot 1

no network-clock-participate wic 0

no ip gratuitous-arps

ip cef

!

!

ip host server 192.168.0.10

ip host i7 192.168.0.22

ip name-server 8.8.8.8

ip name-server 8.8.4.4

ip multicast-routing

ip auth-proxy max-nodata-conns 3

ip admission max-nodata-conns 3

vpdn enable

!

vpdn-group 1

request-dialin

  protocol pptp

  rotary-group 0

initiate-to ip 184.22.182.11

!

!

username xxxx password 0 xxxx

!

interface FastEthernet0/0

description INTERNET

ip address 192.168.0.250 255.255.255.0

ip nat outside

ip virtual-reassembly

speed auto

full-duplex

no mop enabled

!

interface FastEthernet0/1

description LAN

ip address 10.0.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

speed auto

full-duplex

no mop enabled

!

interface Dialer0

mtu 1450

ip address negotiated

ip pim dense-mode

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer in-band

dialer idle-timeout 0

dialer string 123

dialer vpdn

dialer-group 1

no cdp enable

ppp pfc local request

ppp pfc remote apply

ppp encrypt mppe auto

ppp chap hostname xxxx

ppp chap password 0 xxxx

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.0.254    <-- ADSL modem/router LAN interface. Next hop router.

ip route 8.8.8.8 255.255.255.255 Dialer0  <--Test ping to 8.8.8.8 should go down the VPN

!

ip dns server

!

ip http server

no ip http secure-server

ip nat inside source route-map nat1 interface FastEthernet0/0 overload

!

access-list 10 permit 10.0.0.22  <--- This is simply a test pc to test the routing rules

dialer-list 1 protocol ip permit

snmp-server community public RO

!

route-map nat1 permit 10

match ip address 10

!

control-plane

!

line con 0

line aux 0

line vty 0 4

password xxxx

login

!

!

end

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
handoko wiyanto Sun, 06/24/2012 - 05:08
User Badges:

hi there,


could you post the command show ip route after the pptp connection succeed?


regards,

Actions

This Discussion