This is driving me crazy.
I set up VPDN on the c2800 (with help from this forum) and worked a treat with encryption.
Now after several weeks it will not connect unless data encryption is unticked on the XP client.
It actually verifies the connection ok but fails to register on the network. Error 742. "The remote computer does not support the required data encryption type".
I can't see why this is. Cisco confg below (IP address x'd out).
TIA...Ski
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname test
!
boot-start-marker
boot system flash c2800nm-advsecurityk9-mz.123-8.T8.bin
boot system flash c2800nm-spservicesk9-mz.123-8.T8.bin
boot-end-marker
!
enable secret level
enable password 7
!
username test password 7 11011C1712400F0D1D
clock timezone UTC -23
no network-clock-participate aim 0
no network-clock-participate aim 1
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip ips po max-events 100
no ip domain lookup
vpdn enable
!
vpdn-group ppoa
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
no ftp-server write-enable
!
interface FastEthernet0/0
ip address 192.168.47.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0/0.1 point-to-point
ip address xx.xx.xx.xx 255.255.255.0
ip nat outside
ip virtual-reassembly
pvc 8/32
!
!
interface ATM0/1/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/1/0.1 point-to-point
no ip address
ip virtual-reassembly
shutdown
pvc 8/32
!
!
interface ATM0/2/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/2/0.1 point-to-point
ip nat outside
ip virtual-reassembly
shutdown
pvc 8/32
!
!
interface ATM0/3/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
no ip redirects
ip route-cache flow
peer default ip address pool vpdnpptp
no keepalive
ppp authentication chap eap ms-chap ms-chap-v2 pap
!
ip local pool vpdnpptp 192.168.47.26 192.168.47.35
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
ip http server
no ip http secure-server
ip nat inside source list 1 interface ATM0/0/0.1 overload
ip nat inside source static tcp 192.168.47.7 21 interface ATM0/0/0.1 21
ip nat inside source static tcp 192.168.47.7 80 interface ATM0/0/0.1 80
!
!
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 101 deny tcp any any eq 1212
access-list 101 deny tcp any any eq 1213
access-list 101 deny tcp any any eq 1233
access-list 101 deny tcp any any eq 1234
access-list 101 deny tcp any any eq 1235
access-list 101 deny tcp any any eq 1214
access-list 101 deny udp any any eq 1214
access-list 101 deny tcp any any eq 1863
access-list 101 deny udp any any eq 1863
access-list 101 deny udp any any range 4242 4661
access-list 101 deny tcp any any range 4242 4661
access-list 101 deny udp any any range 5000 8000
access-list 101 deny tcp any any range 5000 8000
access-list 101 deny tcp any any gt 9105
access-list 101 deny udp any any gt 9105
access-list 101 permit ip any any
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server host 192.168.47.150 public
!
!
control-plane
!
!
line con 0
password 7 110E1C0B12215A1F
login
line aux 0
line vty 0 4
password 7 045C0E080A121D5D
login
!
scheduler allocate 20000 1000
ntp clock-period 17179857
ntp server 192.168.47.7
!
end
I set up VPDN on the c2800 (with help from this forum) and worked a treat with encryption.
Now after several weeks it will not connect unless data encryption is unticked on the XP client.
It actually verifies the connection ok but fails to register on the network. Error 742. "The remote computer does not support the required data encryption type".
I can't see why this is. Cisco confg below (IP address x'd out).
TIA...Ski
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname test
!
boot-start-marker
boot system flash c2800nm-advsecurityk9-mz.123-8.T8.bin
boot system flash c2800nm-spservicesk9-mz.123-8.T8.bin
boot-end-marker
!
enable secret level
enable password 7
!
username test password 7 11011C1712400F0D1D
clock timezone UTC -23
no network-clock-participate aim 0
no network-clock-participate aim 1
no aaa new-model
ip subnet-zero
!
!
ip cef
!
!
ip ips po max-events 100
no ip domain lookup
vpdn enable
!
vpdn-group ppoa
! Default PPTP VPDN group
accept-dialin
protocol pptp
virtual-template 1
!
no ftp-server write-enable
!
interface FastEthernet0/0
ip address 192.168.47.1 255.255.255.0
ip access-group 101 in
ip nat inside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface ATM0/0/0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/0/0.1 point-to-point
ip address xx.xx.xx.xx 255.255.255.0
ip nat outside
ip virtual-reassembly
pvc 8/32
!
!
interface ATM0/1/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/1/0.1 point-to-point
no ip address
ip virtual-reassembly
shutdown
pvc 8/32
!
!
interface ATM0/2/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0/2/0.1 point-to-point
ip nat outside
ip virtual-reassembly
shutdown
pvc 8/32
!
!
interface ATM0/3/0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Virtual-Template1
ip unnumbered FastEthernet0/0
no ip redirects
ip route-cache flow
peer default ip address pool vpdnpptp
no keepalive
ppp authentication chap eap ms-chap ms-chap-v2 pap
!
ip local pool vpdnpptp 192.168.47.26 192.168.47.35
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0/0/0.1
ip http server
no ip http secure-server
ip nat inside source list 1 interface ATM0/0/0.1 overload
ip nat inside source static tcp 192.168.47.7 21 interface ATM0/0/0.1 21
ip nat inside source static tcp 192.168.47.7 80 interface ATM0/0/0.1 80
!
!
access-list 1 permit 192.168.47.0 0.0.0.255
access-list 101 deny tcp any any eq 1212
access-list 101 deny tcp any any eq 1213
access-list 101 deny tcp any any eq 1233
access-list 101 deny tcp any any eq 1234
access-list 101 deny tcp any any eq 1235
access-list 101 deny tcp any any eq 1214
access-list 101 deny udp any any eq 1214
access-list 101 deny tcp any any eq 1863
access-list 101 deny udp any any eq 1863
access-list 101 deny udp any any range 4242 4661
access-list 101 deny tcp any any range 4242 4661
access-list 101 deny udp any any range 5000 8000
access-list 101 deny tcp any any range 5000 8000
access-list 101 deny tcp any any gt 9105
access-list 101 deny udp any any gt 9105
access-list 101 permit ip any any
snmp-server community public RO
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps tty
snmp-server host 192.168.47.150 public
!
!
control-plane
!
!
line con 0
password 7 110E1C0B12215A1F
login
line aux 0
line vty 0 4
password 7 045C0E080A121D5D
login
!
scheduler allocate 20000 1000
ntp clock-period 17179857
ntp server 192.168.47.7
!
end