Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN and Windows 2003 DHCP

I have an 871 Router that I am trying to setup a VPN but the Windows 2003 server on the network does the dhcp. At this point I get and error on authentication just trying to vpn - here is the config I hope someone can help. I have never had this problem before

aaa authentication login default local

aaa authentication login sdm_vpn_xauth_ml_1 local

aaa authorization exec default local

aaa authorization network sdm_vpn_group_ml_1 local

aaa session-id common

!

resource policy

!

ip subnet-zero

ip cef

!

!

!

!

ip domain name xxx.com

ip name-server 216.x.x.x

ip name-server 216.x.x.x

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

!

crypto isakmp client configuration group xxxvpn

key xx2cisco

dns 192.168.0.1 216.x.x.x

domain d2b0411

netmask 255.255.255.0

!

!

crypto ipsec transform-set xxxvpn esp-3des esp-md5-hmac

!

crypto dynamic-map SDM_DYNMAP_1 1

set transform-set peruvpn

reverse-route

crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1

crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1

crypto map SDM_CMAP_1 client configuration address respond

crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1

!

!

interface FastEthernet4

description $ES_WAN$

ip address 216.x.x.x 255.255.255.248

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

crypto map SDM_CMAP_1

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$

ip address 192.168.0.254 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

ip local pool SDM_POOL_1 192.168.0.220 192.168.0.225

ip classless

ip route 0.0.0.0 0.0.0.0 216.x.x.x

!

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip nat inside source static udp 192.168.0.1 3389 interface FastEthernet4 3389

ip nat inside source route-map SDM_RMAP_1 interface FastEthernet4 overload

!

access-list 100 remark SDM_ACL Category=2

access-list 100 deny ip any host 192.168.0.220

access-list 100 deny ip any host 192.168.0.221

access-list 100 deny ip any host 192.168.0.222

access-list 100 deny ip any host 192.168.0.223

access-list 100 deny ip any host 192.168.0.224

access-list 100 deny ip any host 192.168.0.225

access-list 100 permit ip 192.168.0.0 0.0.0.255 any

no cdp run

!

route-map SDM_RMAP_1 permit 1

match ip address 100

Thanks

Gabrielle

1 REPLY
New Member

Re: VPN and Windows 2003 DHCP

OK - I am able to VPN in fine now. I can ping the server 192.168.0.1- I can get in Remote Desktop to the server 192.168.0.1 and from remote desktop I can ping my VPNed Pc IP of 192.168.0.200. However, I can't see the domain when I go to map network or Network neigh. Any Ideas?

Thanks

258
Views
0
Helpful
1
Replies
CreatePlease to create content