Access-list 806 DSL

aessome
Level 1

Hello Guys,

I have a Cisco 806 connected via DSL to the Internet. Everything works fine, but if I try to connect to my office via the VPN client installed on my laptop, I get the VPN tunnel bound but no data flow. If I remove the access-list from the dialer interface, everything works. Can someone help me configure this access-list?

access-list 111 remark IPSec and AntiSpoofing Rule
access-list 111 permit tcp any any established
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit ahp any any
access-list 111 permit udp any any eq isakmp
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 deny ip any any log
dialer-list 1 protocol ip permit
route-map nonat permit 10

Thanks for any suggestion

1 Reply

r.state
Level 1

It looks like you have forgotten to permit the IP address that is allocated to your VPN client.

E.g., assume your client is allocated an address from a pool = 192.168.1.1 192.168.1.254

then add acl 111 permit ip 192.168.1.0 0.0.0.255 any

hope this helps,

Rowan
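
Added example (not part of the original thread): a small Python first-match evaluator run over an abridged copy of ACL 111 from the question. It shows that the line suggested in the reply only takes effect if it sits above "deny ip any any log"; entries added to a numbered ACL with the access-list command are appended to the end. The packets and their addresses are constructed for illustration.

```python
import ipaddress

PORTS = {"domain": 53, "isakmp": 500}
# ACL 111 from the question, abridged (AH, ICMP and BOOTP permits omitted).
ACL_111 = [
    "permit tcp any any established",
    "permit udp any eq domain any",
    "permit esp any any",
    "permit udp any any eq isakmp",
    "deny ip any any log",
]
FIX = "permit ip 192.168.1.0 0.0.0.255 any"  # line suggested in the reply
APPENDED = ACL_111 + [FIX]                        # fix lands after the deny
BEFORE_DENY = ACL_111[:-1] + [FIX, ACL_111[-1]]   # ACL re-created, fix above the deny

def to_int(addr):
    return int(ipaddress.ip_address(addr))

def parse_addr(tok):
    """Consume 'any' or 'addr wildcard', then an optional 'eq port'."""
    net, tok = (None, tok[1:]) if tok[0] == "any" else ((to_int(tok[0]), to_int(tok[1])), tok[2:])
    port = None
    if tok[:1] == ["eq"]:
        port, tok = PORTS.get(tok[1]) or int(tok[1]), tok[2:]
    return net, port, tok

def parse(line):
    action, proto, *tok = line.split()
    src, sport, tok = parse_addr(tok)
    dst, dport, tok = parse_addr(tok)
    flag = next((t for t in tok if t != "log"), None)  # 'established' or ICMP type
    return action, proto, src, sport, dst, dport, flag

def addr_ok(net, ip):
    # Wildcard-mask match: bits set in the wildcard are ignored.
    return net is None or (to_int(ip) | net[1]) == (net[0] | net[1])

def evaluate(acl, pkt):
    """First match wins; returns (action, matching line)."""
    for line in acl:
        action, proto, src, sport, dst, dport, flag = parse(line)
        if (proto in ("ip", pkt["proto"]) and addr_ok(src, pkt["src"]) and addr_ok(dst, pkt["dst"])
                and sport in (None, pkt.get("sport")) and dport in (None, pkt.get("dport"))
                and flag in (None, pkt.get("flag"))):
            return action, line
    return "deny", "(implicit deny)"

# Constructed packets: an ISAKMP exchange and a new TCP connection from the pool.
ISAKMP = {"proto": "udp", "src": "203.0.113.10", "dst": "198.51.100.7", "sport": 500, "dport": 500}
POOL_SYN = {"proto": "tcp", "src": "192.168.1.10", "dst": "198.51.100.7", "sport": 40000, "dport": 80}
for name, acl in (("as posted", ACL_111), ("appended", APPENDED), ("before deny", BEFORE_DENY)):
    print(name, "->", evaluate(acl, POOL_SYN))
```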