cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3493
Views
0
Helpful
0
Replies

site-to-site VPN | 857 Integrated Router

pskennedySOS
Level 1
Level 1

Hi everybody,

I am looking to establish a site-to-site VPN connection with a client.  I have looked at the manual but it has not worked.

We have an 857 Integrated Router on our end which handles the PPPoE and NATs several internal devices to public IPs provided by our DSL service.

I have a provided a sh run prior to any VPN configuration.  Below the sh run are the connection settings...

If someone could provide the CLI commands, I would appreciate it.  Again, I understand the manual provides commands but I'm unsure of which commands are necessary.

Current configuration : 1917 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname @#$#$(&

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$WOv/$3DWqFFkG5GU.ZlPfy7nHJ1

!

aaa new-model

!

!

!

!

aaa session-id common

!

!        

dot11 syslog

no ip dhcp use vrf connected

ip dhcp excluded-address 10.0.0.1 10.0.0.49

!        

ip dhcp pool alpha

   import all

   network 10.0.0.0 255.255.255.0

   default-router 10.0.0.1

   dns-server @#$#$(& @#$#$(&

   domain-name @#$#$(&

   lease 2

!        

!        

ip cef   

no ip domain lookup

ip domain name @#$#$(&

!        

!        

!        

username @#$#$(& password 0 @#$#$(&

!        

!        

archive  

log config

  hidekeys

!        

!        

ip ssh time-out 60

ip ssh authentication-retries 2

!        

!        

!        

interface ATM0

no ip address

no atm ilmi-keepalive

dsl operating-mode auto

!        

interface ATM0.1 point-to-point

pvc 0/35

  pppoe-client dial-pool-number 1

!       

!        

interface FastEthernet0

!        

interface FastEthernet1

!        

interface FastEthernet2

!        

interface FastEthernet3

!        

interface Vlan1

ip address 10.0.0.1 255.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1412

!        

interface Dialer0

ip address @#$#$(& 255.255.255.248

ip mtu 1452

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication pap callin

ppp pap sent-username @#$#$(& password 0 @#$#$(&

!        

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 Dialer0

!        

no ip http server

no ip http secure-server

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source static 10.0.0.3 @#$#$(&

ip nat inside source static 10.0.0.5 @#$#$(&

!        

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 10.0.0.0 0.0.0.255

dialer-list 1 protocol ip permit

!        

control-plane

!        

!        

line con 0

no modem enable

line aux 0

line vty 0 4

transport input ssh

!        

scheduler max-task-time 5000

end 

(IPs adjusted for privacy)

He asked that we have our internal IP space NAT to 10.20.30.40 /32

They use the following:

3DES MDS
Group 2

VPN peer IP: 60.70.80.90

Thanks in advance!

Peter K.

NVT

0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: