Although I have enabled allow local lan access in VPN dialer it is automatically disabled when VPN gets connected, what's the problem ? I used the above codes for the easy vpn server side. It gets connected but all of my traffic doesn't pass through this VPN, why ?
Should not all the traffic pass from the same easy vpn server, do I have to do anything else so that all of my traffic goes through this vpn connection.
Router#show runBuilding configuration...
Current configuration : 2069 bytes
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
no logging buffered
enable password cisco
!---AAA enabled using aaa newmodel command. Also
AAA Authentication and Authorization are enabled---!aaa new-model!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local!
aaa session-id common
ip domain name cisco.com
multilink bundle-name authenticated
!--- Configuration for IKE policies.
!--- Enables the IKE policy configuration (config-isakmp)
!--- command mode, where you can specify the parameters that
!--- are used during an IKE negotiation. Encryption and Policy details are hidden
as the default values are chosen.crypto isakmp policy 1
authentication pre-share group 2
crypto isakmp keepalive 10
crypto isakmp client configuration group cisco
crypto isakmp profile ciscocp-ike-profile-1
match identity group cisco
client authentication list ciscocp_vpn_xauth_ml_1
isakmp authorization list ciscocp_vpn_group_ml_1
client configuration address respond
!--- Configuration for IPsec policies.
!--- Enables the crypto transform configuration mode,
!--- where you can specify the transform sets that are used
!--- during an IPsec negotiation.crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac!
crypto ipsec profile CiscoCP_Profile1
set security-association idle-time 86400
set transform-set ESP-3DES-SHA
set isakmp-profile ciscocp-ike-profile-1
!--- RSA certificate generated after you enable the
!--- ip http secure-server command.crypto pki trustpoint TP-self-signed-1742995674
!--- Create a user account named cisco123 with all privileges.username cisco123 privilege 15 password 0 cisco123archive
!--- Interface configurations are done as shown below---!interface Loopback0
ip address 10.10.10.10 255.255.255.0
ip address 10.77.241.111 255.255.255.192
interface Virtual-Template1 type tunnel
ip unnumbered Loopback0
tunnel mode ipsec ipv4
tunnel protection ipsec profile CiscoCP_Profile1
!--- VPN pool named SDM_POOL_1 has been defined in the below command---!ip local pool SDM_POOL_1 192.168.1.1 192.168.1.254!--- This is where the commands to enable HTTP and HTTPS are configured.ip http server
ip http authentication local
ip http secure-server
line con 0
line aux 0
!--- Telnet enabled with password as cisco.line vty 0 4
transport input all
scheduler allocate 20000 1000
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...