Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
394
Views
0
Helpful
1
Replies

Can you see why my Cisco 800 series routers VPN goes up/down

whiteford
Level 1
Level 1

‎09-26-2007 07:55 AM - edited ‎03-03-2019 06:55 PM

I have configured my Cisco 877 for a VPN to a Cisco Concentrator, but it connects then goes down then up then down ect. Below is the config and errors:

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname F3343

!

boot-start-marker

boot-end-marker

!

logging buffered 8192 warnings

enable password iuih

!

no aaa new-model

!

resource policy

!

ip subnet-zero

ip cef

no ip dhcp use vrf connected

ip dhcp excluded-address 172.19.15.1 172.19.15.10

!

ip dhcp pool client

network 172.19.15.0 255.255.255.0

default-router 172.19.15.1

dns-server 192.168.21.1 192.168.21.2

lease 0 2

!

!

ip inspect name outbound tcp

ip inspect name outbound udp

ip inspect name outbound ftp

ip inspect name outbound http

ip inspect name outbound icmp

ip tftp source-interface Vlan1

!

!

!

username itih5 password 0 3lkijer

!

!

!

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2

crypto isakmp key #78697980c0n address 80.1.156.8

!

!

crypto ipsec transform-set vo_t_set esp-3des esp-md5-hmac

!

crypto map vo_t_set 10 ipsec-isakmp

set peer 80.1.156.8

set transform-set vo_t_set

match address 101

!

!

!

interface ATM0

no ip address

no ip unreachables

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

dsl operating-mode auto

!

interface FastEthernet0

!

interface FastEthernet1

!

interface FastEthernet2

!

interface FastEthernet3

!

interface Vlan1

ip address 172.19.15.1 255.255.255.0

ip inspect outbound in

hold-queue 100 out

!

interface Dialer1

ip address negotiated

ip access-group inbound_acl in

no ip unreachables

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxx@hg57.xxxxx

ppp chap password 0 xxxxx

ppp pap sent-username xxxx@hg57.xxxxpassword 0 xxxx

crypto map vo_t_set

!

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer1

!

no ip http server

no ip http secure-server

!

ip access-list extended inbound_acl

permit udp any any eq isakmp

permit esp any any

deny icmp any any timestamp-request

deny icmp any any timestamp-reply

permit icmp any any

permit udp any any eq ntp

permit tcp x.x.x.x 0.0.0.31 any eq telnet

permit tcp x.x.x.x 0.0.0.31 any eq 22

permit tcp x.x.x.x 0.0.0.31 any eq ftp-data

permit tcp x.x.x.x 0.0.0.31 any eq ftp

permit tcp x.x.x.x 0.0.0.31 any eq www

permit tcp x.x.x.x 0.0.0.31 any eq 443

permit ip 192.168.20.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.21.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.30.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.40.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.50.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.70.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.80.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.90.0 0.0.0.255 172.19.15.0 0.0.0.255

permit ip 192.168.100.0 0.0.0.255 172.19.15.0 0.0.0.255

!

logging trap warnings

logging facility local4

logging source-interface Vlan1

logging 192.168.21.19

access-list 50 permit 192.168.90.11

access-list 50 permit 192.168.60.11

access-list 50 permit 172.19.15.9

access-list 50 permit 172.19.15.10

access-list 50 permit 172.19.15.11

access-list 101 permit ip 172.19.15.0 0.0.0.255 any

dialer-list 1 protocol ip permit

snmp-server community kjjoj1 RO

snmp-server enable traps tty

snmp-server host 192.168.21.19 RO

!

control-plane

!

!

line con 0

no modem enable

line aux 0

line vty 0 4

access-class 50 in

exec-timeout 0 0

login local

length 0

!

scheduler max-task-time 5000

sntp server 158.43.128.33

end

Labels:
0 Helpful
1 Reply 1

whiteford
Level 1
Level 1

‎09-26-2007 07:55 AM

what is displayed when it connects and goes down:

*Mar 1 01:14:49.239: %LINK-3-UPDOWN: Interface ATM0, changed state to up

*Mar 1 01:14:50.239: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to up

*Mar 1 01:14:57.923: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Mar 1 01:14:57.927: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Mar 1 01:15:01.135: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up

*Mar 1 01:15:18.075: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to down

*Mar 1 01:15:18.075: %DIALER-6-UNBIND: Interface Vi2 unbound from profile Di1

*Mar 1 01:15:19.075: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to down

*Mar 1 01:15:19.159: %LINK-3-UPDOWN: Interface ATM0, changed state to down

*Mar 1 01:15:20.159: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to down

*Mar 1 01:15:39.239: %LINK-3-UPDOWN: Interface ATM0, changed state to up

*Mar 1 01:15:40.239: %LINEPROTO-5-UPDOWN: Line protocol on Interface ATM0, changed state to up

*Mar 1 01:15:47.739: %LINK-3-UPDOWN: Interface Virtual-Access2, changed state to up

*Mar 1 01:15:47.739: %DIALER-6-BIND: Interface Vi2 bound to profile Di1

*Mar 1 01:15:50.859: %LINEPROTO-5-UPDOWN: Line protocol on Interface Virtual-Access2, changed state to up

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card