I have an issue with a VPN tunnel which I am trying to solve in order to roll out across all our sites.
We have 70+ sites that are connected by VPN tunnel (all 1801 routers) back to our ASA firewalls. They are all set up in a similar way and allow the PCs at the remote sites to use our proxy for internet access and also access services hosted on our main site. We now have a requirement to link these remote sites, through the VPN tunnel, to a server hosted on the internet (the remote sites do not have direct internet access). I have made the changes on the ASA firewalls to allow this traffic out and, using Packet Tracer, this tests OK. I now need to alter the config of the remote routers (and the ASA end of the VPN) to allow this traffic, but I am not sure how!! I have tried adding a few rules into the ACLs but it did not work so thought I would ask the experts (routers are not my forte!!)
I have attached an example Router config below (with passwords hashed out). We need to allow the clients on the other end of the VPN access to 220.127.116.11 on port 5080.
Can anybody help!!!
service timestamps debug datetime msec
service timestamps log datetime msec
logging message-counter syslog
no aaa new-model
ip dhcp excluded-address 10.96.112.1 10.96.112.127