Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

VPN Dailer

Hi,

Although I have enabled allow local lan access in VPN dialer it is automatically disabled when VPN gets connected, what's the problem ?  I used the above codes for the easy vpn server side. It gets connected but all of my traffic doesn't pass through this VPN, why ?

Should not all the traffic pass from the same easy vpn server, do I have to do anything else so that all of my traffic goes through this vpn connection.

With regards,

- Mero

Router#show runBuilding configuration...

Current configuration : 2069 bytes
!version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname Router
boot-start-marker
boot-end-marker

no logging buffered
enable password cisco
!---AAA enabled using aaa newmodel command. Also 
AAA Authentication and Authorization are enabled---!aaa new-model!
!
aaa authentication login ciscocp_vpn_xauth_ml_1 local
aaa authorization network ciscocp_vpn_group_ml_1 local!
!
aaa session-id common
ip cef
!
!
!
!
ip domain name cisco.com
!
multilink bundle-name authenticated
!
!
!--- Configuration for IKE policies.
!--- Enables the IKE policy configuration (config-isakmp) 
!--- command mode, where you can specify the parameters that 
!--- are used during an IKE negotiation. Encryption and Policy details are hidden
as the default values are chosen.crypto isakmp policy 1
 encr 3des
 authentication pre-share group 2
crypto isakmp keepalive 10
!
crypto isakmp client configuration group cisco
 key cisco123
 pool SDM_POOL_1
crypto isakmp profile ciscocp-ike-profile-1
   match identity group cisco
   client authentication list ciscocp_vpn_xauth_ml_1
   isakmp authorization list ciscocp_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
!--- Configuration for IPsec policies.
!--- Enables the crypto transform configuration mode, 
!--- where you can specify the transform sets that are used 
!--- during an IPsec negotiation.crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac!
crypto ipsec profile CiscoCP_Profile1
 set security-association idle-time 86400
 set transform-set ESP-3DES-SHA
 set isakmp-profile ciscocp-ike-profile-1
!
!
!
!--- RSA certificate generated after you enable the 
!--- ip http secure-server command.crypto pki trustpoint TP-self-signed-1742995674
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1742995674
 revocation-check none
 rsakeypair TP-self-signed-1742995674

!--- Create a user account named cisco123 with all privileges.username cisco123 privilege 15 password 0 cisco123archive
 log config
  hidekeys
!
!
!--- Interface configurations are done as shown below---!interface Loopback0
 ip address 10.10.10.10 255.255.255.0
!
interface FastEthernet0/0
 ip address 10.77.241.111 255.255.255.192
 duplex auto
 speed auto
!
interface Virtual-Template1 type tunnel
 ip unnumbered Loopback0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile CiscoCP_Profile1
!
!--- VPN pool named SDM_POOL_1 has been defined in the below command---!ip local pool SDM_POOL_1 192.168.1.1 192.168.1.254!--- This is where the commands to enable HTTP and HTTPS are configured.ip http server
ip http authentication local
ip http secure-server
!
!
!
!
control-plane
!
line con 0
line aux 0
!--- Telnet enabled with password as cisco.line vty 0 4
 password cisco
 transport input all
scheduler allocate 20000 1000
!
!
!
!end
236
Views
0
Helpful
0
Replies
CreatePlease to create content