09-19-2003 05:15 AM - edited 03-02-2019 10:28 AM
Hi
I have a cisco 1720 which I want to configure to use ADSL and ISDN like backp interface. I want to connect to a cisco 3000 as easily VPN .
With this configuration I have this problem:
With the ADSL I have not problem to reach outsied. when I unplug the adsl cable the interface Dialer1 change to up and I can ping outside through the router, but the pcs on the lan can't reach outside.
VPN is ok only with the ADSL connection.
Tahnk you very much.
Stefano
Configuration:
version 12.3
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
hostname adsl
no logging rate-limit
enable secret xxxxxx
enable password xxxxxx
username sdm privilege x password xxxx
no aaa new-model
ip subnet-zero
!
!
no ip domain lookup
!
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
isdn switch-type basic-net3
ip dhcp pool WP
network 10.2.129.0 255.255.255.0
default-router 10.2.129.250
dns-server 213.140.X.Y 151.99.Z.W 151.99.Z.Y
crypto ipsec client ezvpn PIPPO
connect auto
group BOSS key pippo
mode network-extension
peer 213.140.Y.X
interface ATM0
no ip address
ip directed-broadcast
no ip mroute-cache
no atm ilmi-keepalive
dsl operating-mode auto
hold-queue 224 in
interface ATM0.1 point-to-point
ip address 82.88.Y.X 255.255.255.252
ip nat outside
backup delay 5 40
backup interface Dialer1
ip route-cache same-interface
pvc 8/35
protocol ip 82.88.Y.X broadcast
encapsulation aal5snap
crypto ipsec client ezvpn PIPPO
interface BRI0
ip address negotiated
ip nat outside
encapsulation ppp
no ip route-cache
dialer idle-timeout 600
dialer string 7023456789
dialer hold-queue 10
dialer-group 1
isdn switch-type basic-net3
no fair-queue
no cdp enable
ppp authentication chap callin
ppp chap hostname xxxx
ppp chap password xxxxx
ppp multilink
interface FastEthernet0
ip address 10.2.129.250 255.255.255.0
ip directed-broadcast
ip nat inside
no ip split-horizon
no ip mroute-cache
speed auto
full-duplex
no cdp enable
hold-queue 100 out
crypto ipsec client ezvpn PIPPO inside
interface Dialer1
ip address negotiated
ip nat outside
encapsulation ppp
no ip route-cache
no ip split-horizon
dialer pool 1
dialer idle-timeout 600
dialer string 7023456789
dialer hold-queue 10
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname xxxx
ppp chap password xxxx
ppp pap sent-username xxxxxx password xxxxxx
ip nat inside source list 1 interface ATM0.1 overload
ip nat inside source list 99 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip route 0.0.0.0 0.0.0.0 BRI0
no ip http server
no ip http secure-server
access-list 1 permit 10.2.129.0 0.0.0.255
access-list 99 permit 10.2.129.0 0.0.0.255
dialer-list 1 protocol ip list 1
snmp-server community public RO
snmp-server enable traps tty
line con 0
stopbits 1
line aux 0
line vty 0 4
privilege level 15
password xxxxx
login
transport input telnet ssh
scheduler max-task-time 5000
no scheduler allocate
end
09-25-2003 06:54 AM
From your configuration, neither the BRI or Dialer interface seem to be configured with the 'crypto ipsec client ezvpn ' command. Check if this links helps you.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: