Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cisco 1710 VPN access
- Thread starter rswift
- Start date
Hi there,
Tried posting a q myself on VPN but didnt get too much response!! They are swines to set up!
Are you using the Cisco Client software loaded onto a PC at the remote peer? Also, is it for Dynamic VPN, ie, clients do not have static public IP addresses?
I have made some progress with mine in that i can now connect from the client to the server but cannot pass traffic between the two!!! Work in progress....
Can you post a config of what you have so far? Maybe you are interested in reaching the same level and may have ideas how to get the rest working
Jim
CCNA-in-the-making
Tried posting a q myself on VPN but didnt get too much response!! They are swines to set up!
Are you using the Cisco Client software loaded onto a PC at the remote peer? Also, is it for Dynamic VPN, ie, clients do not have static public IP addresses?
I have made some progress with mine in that i can now connect from the client to the server but cannot pass traffic between the two!!! Work in progress....
Can you post a config of what you have so far? Maybe you are interested in reaching the same level and may have ideas how to get the rest working
Jim
CCNA-in-the-making
- Thread starter
- #3
Hi Jim,
I got it working. I will copy and share with you the parts of the config when I return to the office Monday.
My clients use their ISP so the client will have a dynamic IP. The Cisco client software is loaded on the client's machine. It works too good. I finaly noticed I could browse the network but it was way too slow to be useful at all. I was using a regular dial-up connected at about 45k. After a while I noticed that it had down loaded the client virus package thst my virus server pushes out to clients. It even ran the logon script. After the virus software and scripts were loaded the performance wasn't that bad for a dial-up. I am testing it at home this weekend using a DSL connection. Should be much faster.
Ron
I got it working. I will copy and share with you the parts of the config when I return to the office Monday.
My clients use their ISP so the client will have a dynamic IP. The Cisco client software is loaded on the client's machine. It works too good. I finaly noticed I could browse the network but it was way too slow to be useful at all. I was using a regular dial-up connected at about 45k. After a while I noticed that it had down loaded the client virus package thst my virus server pushes out to clients. It even ran the logon script. After the virus software and scripts were loaded the performance wasn't that bad for a dial-up. I am testing it at home this weekend using a DSL connection. Should be much faster.
Ron
Hi Ron,
Glad you got it sorted. A config would be most appreciated.
The client tells me I am connected and allocates an IP address from a designated pool. I have been told that this pool cannot be from the same subnet as our LAN. I can ping the fa0/0 port on the router (which is also the LAN gateway) but cannot ping an internal address on the LAN. I have been told that I have been NATing it but there is nothing in the NAT programmng that should affect it.
I was wondering if a static route is required to tell the router which interface to forward packets destined for the VPN client from but am not sure which interface this would be set on.
I have noticed when i "show interfaces" that it is displaying a "Virtual-access" interface. i have not configured this (i dont think!!) and was wondering if it a dynamic sub interface created when the client connects?
Jim
Glad you got it sorted. A config would be most appreciated.
The client tells me I am connected and allocates an IP address from a designated pool. I have been told that this pool cannot be from the same subnet as our LAN. I can ping the fa0/0 port on the router (which is also the LAN gateway) but cannot ping an internal address on the LAN. I have been told that I have been NATing it but there is nothing in the NAT programmng that should affect it.
I was wondering if a static route is required to tell the router which interface to forward packets destined for the VPN client from but am not sure which interface this would be set on.
I have noticed when i "show interfaces" that it is displaying a "Virtual-access" interface. i have not configured this (i dont think!!) and was wondering if it a dynamic sub interface created when the client connects?
Jim
- Thread starter
- #5
I still have a couple problems. If the remote computer has never been attached locally you don't have the domain you want to log into as an option in the drop down box of the logon screen.
Here are the lines of code that made it work for me:
crypto isakmp client configuration group GroupeName
key GroupeNameKey
dns 10.36.36.4 10.36.36.5
wins 10.36.36.10 10.36.36.11
domain YourDomain.com
pool ippool
Here are the lines of code that made it work for me:
crypto isakmp client configuration group GroupeName
key GroupeNameKey
dns 10.36.36.4 10.36.36.5
wins 10.36.36.10 10.36.36.11
domain YourDomain.com
pool ippool
- Status
Similar threads
- Locked
- Question