Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cant access resources on VPN

Status
Not open for further replies.
GTyphon

GTyphon

IS-IT--Management
Joined
Jan 11, 2005
Messages
2
Location
CA
I have a VPN setup using a CISCO 1721 router and a linksys RV016. I brought the tunnel online and I am able to do the following:

I can ping the 1721.
I can ping the computers on the other side.
I can see the computers on the other side.
I can see the shared resources on the other side.
I can "LIST" files on the shared resources.
I can upload files to the drives on the other side.
I can delete files on the other side.

HOWEVER for some bizarre reason I am not able to download files from the other side. When I do I get an error saying that the resource is no longer available.

Also note: I have other locations using pix 501 connected to the 1721 and they work fine.

Any ideas?????

Thanks in advance.
 
Sort by date Sort by votes
I cannot give you the config for RV016 because I cannot save it as a text file (only as a binary).

The linksys has a dynamic address. Where as all the pix501's have static ips. Is there somthing special I need to be concerned about?

This is the config for the 1721:
!This is the running config of the router: xx.xxx.xxx.xx
!----------------------------------------------------------------------------
!version 12.3
no service pad
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname company
!
security authentication failure rate 3 log
security passwords min-length 6
logging buffered 51200 warnings
logging console critical
enable secret 5 $1$mK.a$oYT/LYaddr1CpwznN0JQ20
!
username username1 privilege 15 password 7 110A18170513190D557C7E747B
ip subnet-zero
no ip source-route
!
!
ip tcp mss 1200
ip tcp synwait-time 10
ip name-server xx.xxx.xxx.xx
ip name-server xx.xxx.xxx.xx
!
no ip bootp server
ip cef
ip audit notify log
ip audit po max-events 100
ip ssh time-out 60
ip ssh authentication-retries 2
no ftp-server write-enable
!
!
!
!
crypto isakmp policy 1
hash md5
authentication pre-share
!
crypto isakmp policy 11
hash md5
authentication pre-share
lifetime 43200
crypto isakmp key key1 address xx.xxx.xxx.xx
crypto isakmp key key2 address xx.xxx.xxx.xx
crypto isakmp key key3 address xx.xxx.xxx.xx
crypto isakmp key key4 address xx.xxx.xxx.xx
crypto isakmp key key5 address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto ipsec transform-set rtpset esp-des esp-md5-hmac
!
crypto dynamic-map rtpmap 10
set transform-set rtpset
match address 115
!
!
crypto map mymap 10 ipsec-isakmp
set peer xx.xxx.xxx.xx
set transform-set myset
match address 101
crypto map mymap 20 ipsec-isakmp
set peer xx.xxx.xxx.xx
set transform-set myset
match address 106
crypto map mymap 30 ipsec-isakmp
set peer xx.xxx.xxx.xx
set transform-set myset
match address 107
crypto map mymap 40 ipsec-isakmp
set peer xx.xxx.xxx.xx
set transform-set myset
match address 104
crypto map mymap 100 ipsec-isakmp dynamic rtpmap
!
!
!
!
interface Ethernet0
description $ETH-WAN$
ip address xx.xxx.xxx.xx255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
no ip route-cache
full-duplex
no cdp enable
crypto map mymap
!
interface FastEthernet0
description $FW_INSIDE$$ETH-LAN$
ip address 192.168.1.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip route-cache flow
speed auto
no cdp enable
!
ip nat inside source route-map nonat interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 xx.xxx.xxx.xx
ip http server
ip http authentication local
ip http secure-server
!
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 102 deny ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 104 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
access-list 106 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 107 permit ip 192.168.1.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 115 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255
access-list 120 permit icmp any any
no cdp run
!
route-map nonat permit 10
match ip address 102
!
!
line con 0
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
line vty 5 15
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 4000 1000
scheduler interval 500
!
end


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

CPM86
  • Locked
  • Question Question
Cisco isr 4331 with IOS and sip busy fail over to 2nd sip number on pbx?
Replies
0
Views
557
CPM86
CPM86
testman1
  • Locked
  • Question Question
SIP telephone ring on second call
Replies
0
Views
443
testman1
testman1
quazimotto
  • Locked
  • Question Question
Cisco ASA_5505 VPN to Juniper_SRX210 VPN IS UP_ No Traffic!!!!!!
Replies
0
Views
316
quazimotto
quazimotto
stanlyn
  • Locked
  • Question Question
HowTo Install Multiple PAP2T ATA Devices on Same Lan
Replies
3
Views
647
iggsterman
iggsterman
bfordz
  • Locked
  • Question Question
new help on setting up third party VoIP phones through Catalyst 2960x switch
Replies
0
Views
355
bfordz
bfordz

Part and Inventory Search

Sponsor

Back
Top