I have a simple vpn connection using pptp working on multiple routers. I have a newer 2821 running the firewall ios that I'm trying to do the same vpn connection to. It works on all of the other routers but not to the new one running the firewall IOS. Here is the relevant configuration that I use on all of the other routers:
user vpn password 0 vpn
! Default PPTP VPDN group
ip address 10.8.8.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
peer default ip address pool vpn
ppp authentication ms-chap-v2
ip local pool vpn 10.8.8.2 10.8.8.3
access-list 106 permit tcp any host x.x.x.x eq 1723
access-list 106 permit gre any host x.x.x.x
I'm wondering what is different on the newer router that does not allow any gre connections. I have tried disabling IPS and CBAC completely and just using the access list and the access list still won't match any of the gre traffic.
ACL 106 is applied incoming on the outside interface facing my ISP.
The virtual call is coming from a windows or linux host. This part is all working because I have tested it from inside the lan and I have tested it on other routers that are not running the IOS Firewall.
Even if I have IPS and CBAC enabled it only matches tcp port 1723 and not GRE.
This 2821 is running: c2800nm-adventerprisek9-mz.124-20.T.bin
I have now configured a 2801 for testing with: c2801-adventerprisek9-mz.124-13b.bin and it is running CBAC and the pptp connection works!
So this is leading me to believe that either the ISP that the 2821 is connected to is now allowing GRE traffic or there is something wrong with this ios version: c2800nm-adventerprisek9-mz.124-20.T.bin
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.