Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

871W as PPTP Client issue (Double NAT / Bridging Issue)

Hi,

I have trying to solve this for a while now without success so I think its time to enlist some help.

I have a Cisco 871W connected to a cable modem for WAN which works without an issue. What I am trying to do is create an PPTP tunnel and route certain traffic down it. For now just to test and get everything working lets suppose I just need one machine to use the PPTP tunnel for all internet connections.

The PPTP dialer connects to another ISP in the UK (I'm in the US), the connection works however it is extremely slow due to what I would assume to be double NAT. Currently the dialer interface is obtaining an IP from the ISP (DHCP 192.168.100.6) and hosts on my side NAT overload via this connection to the internet in the UK. (Dialer 1)

What I want to do is "bridge" this dialer interface so that it no longer has an IP, and the IP from the ISP is given to a host on my side to remove a layer of NAT. Is this possible?

Here are some sections of the config as it stands:

!

vpdn enable

!

vpdn-group 1

request-dialin

  protocol pptp

  rotary-group 1

initiate-to ip EXTERNALIPOFISP

!

!

bridge irb

!

!

interface FastEthernet0

switchport access vlan 10

!

interface FastEthernet1

switchport access vlan 10

!

interface FastEthernet2

shutdown

!

interface FastEthernet3

shutdown

!

interface FastEthernet4

ip address dhcp

no ip redirects

no ip proxy-arp

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

!

interface Vlan10

no ip address

bridge-group 1

!

interface Dialer1

mtu 1440

ip tcp adjust-mss 1400

ip address negotiated

ip nat outside

ip virtual-reassembly

encapsulation ppp

dialer in-band

dialer idle-timeout 0

dialer string 123

dialer vpdn

dialer-group 1

no cdp enable

ppp pfc local request

ppp pfc remote apply

ppp encrypt mppe auto

ppp chap hostname USERNAME

ppp chap password 0 PASSWORD

!

interface BVI1

ip address INTERNALIP 255.255.255.0

ip nat inside

ip virtual-reassembly

ip policy route-map TEST

!

ip nat inside source route-map TEST interface Dialer1 overload

!

access-list 101 permit ip host INTERNALHOST any

!

route-map TEST permit 101

match ip address 101

set interface Dialer1

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

!

Thanks in advance for any assistance.

449
Views
0
Helpful
0
Replies