ntwrkrbkj
IS-IT--Management
- Jun 2, 2003
- 58
I am trying to allow internet access through the router while keeping the tunnel up; the tunnel functions with no probs.
Ok, if anybody can help me out here I would greatly appreciate it. I know I am doing something stupid here, but when you get so frustrated the obvious answers become the most obscure.
Thanks in advance, here is the config:
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool GARAGE
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 70.34.117.6
option 150 ip 10.2.2.11
lease 10
!
ip audit po max-events 100
!
crypto isakmp policy 1
authentication pre-share
crypto isakmp key xxxxxxx address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set TRANSET esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile VPN
set transform-set TRANSET
!
!
interface Tunnel0
bandwidth 1500
ip address 172.0.0.2 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication test
ip nhrp map multicast xxx.xxx.xxx.xxx
ip nhrp map 172.0.0.1 xxx.xxx.xxx.xxx
ip nhrp network-id 100000
ip nhrp holdtime 300
ip nhrp nhs 172.0.0.1
ip ospf network broadcast
ip ospf priority 0
delay 1000
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100000
tunnel protection ipsec profile VPN
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface BRI0/0
no ip address
shutdown
!
interface Ethernet1/0
ip address 192.168.2.1 255.255.255.0
ip nat inside
half-duplex
!
router ospf 1
log-adjacency-changes
network 172.0.0.0 0.0.0.255 area 0
network 192.168.2.0 0.0.0.255 area 0
!
ip nat inside source list 1 interface Ethernet1/0 overload
ip http server
no ip http secure-server
ip classless
!
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
line con 0
password xxxxxxx
login
line aux line vty 0 4
password xxxxxxxx
login
A+, i-Net+, MCSA, MCSE, CCNA
Ok, if anybody can help me out here I would greatly appreciate it. I know I am doing something stupid here, but when you get so frustrated the obvious answers become the most obscure.
Thanks in advance, here is the config:
ip dhcp excluded-address 192.168.2.1 192.168.2.99
!
ip dhcp pool GARAGE
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 70.34.117.6
option 150 ip 10.2.2.11
lease 10
!
ip audit po max-events 100
!
crypto isakmp policy 1
authentication pre-share
crypto isakmp key xxxxxxx address 0.0.0.0 0.0.0.0
!
!
crypto ipsec transform-set TRANSET esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile VPN
set transform-set TRANSET
!
!
interface Tunnel0
bandwidth 1500
ip address 172.0.0.2 255.255.255.0
no ip redirects
ip mtu 1400
ip nhrp authentication test
ip nhrp map multicast xxx.xxx.xxx.xxx
ip nhrp map 172.0.0.1 xxx.xxx.xxx.xxx
ip nhrp network-id 100000
ip nhrp holdtime 300
ip nhrp nhs 172.0.0.1
ip ospf network broadcast
ip ospf priority 0
delay 1000
tunnel source FastEthernet0/0
tunnel mode gre multipoint
tunnel key 100000
tunnel protection ipsec profile VPN
!
interface FastEthernet0/0
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface BRI0/0
no ip address
shutdown
!
interface Ethernet1/0
ip address 192.168.2.1 255.255.255.0
ip nat inside
half-duplex
!
router ospf 1
log-adjacency-changes
network 172.0.0.0 0.0.0.255 area 0
network 192.168.2.0 0.0.0.255 area 0
!
ip nat inside source list 1 interface Ethernet1/0 overload
ip http server
no ip http secure-server
ip classless
!
!
access-list 1 permit 192.168.2.0 0.0.0.255
!
line con 0
password xxxxxxx
login
line aux line vty 0 4
password xxxxxxxx
login
A+, i-Net+, MCSA, MCSE, CCNA
