I want to explain a problem that I encounter during branche router installation with VPN.
I configured the router with PPPoE and Internet connection (when pinging all is OK), Next with VPN, the tunnel is perfect.
Until now at level 3 (IP connection) all working right.
But, using this configuration, only one computer can access all web pages, other computer access only google.com and few others (note that one computer can access all).
First thinking of VPN connection problem, I did only NAT to see... same problem.
Next, tried to connect directely a computer to the router to see if the switch causes the problem... same problem.
Tried also to use completely other router... and the problem still the same.
Noting that when doing PPPoE using one computer and sharing the Internet, all computers access Internet with no problem!!!
Now, I tried to do static NAT, and already for one computer it's OK for the others no connection...means the same problem.
Any Idea ???
If the ISP cause problem, why when sharing with a computer all works fine ??
Good ideas will be rated.
NAT is working correctely:
Inside, and outside
and using overloading on the Dialer PPPeO interface.
Plz note that only one computer is connecting (always the same one).
Here is the configuration :
ip dhcp pool vlan110
network 192.168.110.0 255.255.255.0
dns-server 192.168.0.7 18.104.22.168 22.214.171.124
bba-group pppoe global
description CONNECTED TO ADSL CONNECTION
no ip address
pppoe enable group global
pppoe-client dial-pool-number 1
ip address 192.168.110.250 255.255.255.0
ip nat inside
ip address negotiated
ip mtu 1492
ip nat outside
dialer pool 1
ppp authentication chap callin
ppp chap hostname 565487
ppp chap password 0 oucherif
ppp pap sent-username 565487 password 0 oucherif
ip nat inside source list 1 interface Dialer1 overload
I am puzzled. Your original post discussed a problem using VPN. But the configuration information that you post has absolutely nothing in it about VPN. Has the problem changed and now it is not about VPN? If it is still about VPN then where is the VPN information?
Sorry for my bad explain, my problem is not the VPN, but the Internet access.
As I said, my VPN is working correctely but to well thinking about this problem, I prefer don't talk about VPN but just to say that using my internet connection, only one computer can access internet, and others only some few sites.. and what's strange that all computer can ping and resolve DNS for any website (pings passes but HTTP requests give nothing).
Can you post your ACL 1 config and your acl for your crypto map? You need to permit the local subnet access out to any but deny any traffic that needs to go over the vpn tunnel.
permit 192.168.110.0/24 192.168.0.0/16
deny any 192.168.0.0/16
permit any any
I made tests without VPN and only a permit any for the NAT ACL and it gives the same problem.