cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
193
Views
0
Helpful
1
Replies

1720 ADSL + ISDN backup + VPN

burt229
Level 1
Level 1

Hi

I have a cisco 1720 which I want to configure to use ADSL and ISDN like backp interface. I want to connect to a cisco 3000 as easily VPN .

With this configuration I have this problem:

With the ADSL I have not problem to reach outsied. when I unplug the adsl cable the interface Dialer1 change to up and I can ping outside through the router, but the pcs on the lan can't reach outside.

VPN is ok only with the ADSL connection.

Tahnk you very much.

Stefano

Configuration:

version 12.3

no service pad

service timestamps debug datetime localtime

service timestamps log datetime localtime

service password-encryption

hostname adsl

no logging rate-limit

enable secret xxxxxx

enable password xxxxxx

username sdm privilege x password xxxx

no aaa new-model

ip subnet-zero

!

!

no ip domain lookup

!

ip audit notify log

ip audit po max-events 100

no ftp-server write-enable

isdn switch-type basic-net3

ip dhcp pool WP

network 10.2.129.0 255.255.255.0

default-router 10.2.129.250

dns-server 213.140.X.Y 151.99.Z.W 151.99.Z.Y

crypto ipsec client ezvpn PIPPO

connect auto

group BOSS key pippo

mode network-extension

peer 213.140.Y.X

interface ATM0

no ip address

ip directed-broadcast

no ip mroute-cache

no atm ilmi-keepalive

dsl operating-mode auto

hold-queue 224 in

interface ATM0.1 point-to-point

ip address 82.88.Y.X 255.255.255.252

ip nat outside

backup delay 5 40

backup interface Dialer1

ip route-cache same-interface

pvc 8/35

protocol ip 82.88.Y.X broadcast

encapsulation aal5snap

crypto ipsec client ezvpn PIPPO

interface BRI0

ip address negotiated

ip nat outside

encapsulation ppp

no ip route-cache

dialer idle-timeout 600

dialer string 7023456789

dialer hold-queue 10

dialer-group 1

isdn switch-type basic-net3

no fair-queue

no cdp enable

ppp authentication chap callin

ppp chap hostname xxxx

ppp chap password xxxxx

ppp multilink

interface FastEthernet0

ip address 10.2.129.250 255.255.255.0

ip directed-broadcast

ip nat inside

no ip split-horizon

no ip mroute-cache

speed auto

full-duplex

no cdp enable

hold-queue 100 out

crypto ipsec client ezvpn PIPPO inside

interface Dialer1

ip address negotiated

ip nat outside

encapsulation ppp

no ip route-cache

no ip split-horizon

dialer pool 1

dialer idle-timeout 600

dialer string 7023456789

dialer hold-queue 10

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxxx

ppp chap password xxxx

ppp pap sent-username xxxxxx password xxxxxx

ip nat inside source list 1 interface ATM0.1 overload

ip nat inside source list 99 interface Dialer1 overload

ip classless

ip route 0.0.0.0 0.0.0.0 ATM0.1

ip route 0.0.0.0 0.0.0.0 BRI0

no ip http server

no ip http secure-server

access-list 1 permit 10.2.129.0 0.0.0.255

access-list 99 permit 10.2.129.0 0.0.0.255

dialer-list 1 protocol ip list 1

snmp-server community public RO

snmp-server enable traps tty

line con 0

stopbits 1

line aux 0

line vty 0 4

privilege level 15

password xxxxx

login

transport input telnet ssh

scheduler max-task-time 5000

no scheduler allocate

end

1 Reply 1

gmarogi
Level 5
Level 5

From your configuration, neither the BRI or Dialer interface seem to be configured with the 'crypto ipsec client ezvpn ' command. Check if this links helps you.

http://www.cisco.com/warp/public/471/vpn_ios_ezvpn.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: