Cisco 831 Router to Configure VPN Access

Hello,
I need assistance in configuring a VPN in a Cisco 831 Router. I do not have any experience in configuring routers and VPN's, and would appreciate if any one could help out.
I would like to connect three Laptops to the Cisco 831 via Cisco VPN Client. Three laptops must have 10.42.6.x Address assigned by the router on the VPN Connection. They will also need access to the internal network which is 192.168.x.x private network. The Cisco has a Static IP on the Internal Interface and External Interface. I have tried several different ways of doing this, however I must be doing something wrong in my config.
Any help or suggestions would be appreciated.

Hi Robert
You can refer the below link in finding out the exact config to start with.
do make sure that your Cisco 831 box with the current IOS code installed in it supports the required feature to run the same..
http://www.cisco.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html#anchor16
regds

Similar Messages

Configure VPN access on a Cisco WRV210 wireless-G vpn router -range booster

Please help....
I need to configure a vpn on a Cisco WRV210 Wireless-G VPN Router - RangeBooster, i have five users that are going to connect to a file server. windows and Mac laptops will be connecting. The file server access is all set i just need a step by step document to configure the vpn screens on the router.thanks

Hi Robert
You can refer the below link in finding out the exact config to start with.
do make sure that your Cisco 831 box with the current IOS code installed in it supports the required feature to run the same..
http://www.cisco.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html#anchor16
regds

Problem with Cisco 861W router and outgoing VPN

We have a Cisco 861W router that is blocking an outgoing PPTP on the internal access point only. The outgoing VPN works when the traffic is through a wired connection or the connection is on another access point. We fail to make a connection only when connection to the 861W's internal Access Point.
Here is the Access Point Configuration:
Current configuration : 2100 bytes
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname obap
enable secret 5 $1$.1RF$go1D7WITXUn3s8TUaw3tC.
no aaa new-model
dot11 syslog
dot11 ssid OLIVER
   authentication open
   authentication key-management wpa
   guest-mode
   wpa-psk ascii 0 XXXXXXXXXXX
username XXXXXX privilege 15 secret 5 $1$Wc0K$OzcQDDQfjHP6La31eXMoG/
bridge irb
interface Dot11Radio0
no ip address
no ip route-cache
encryption mode ciphers aes-ccm tkip
ssid OLIVER
antenna gain 0
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
interface GigabitEthernet0
description the embedded AP GigabitEthernet 0 is an internal interface connecti
ng AP with the host router
no ip address
no ip route-cache
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
interface BVI1
ip address 192.168.0.2 255.255.255.0
no ip route-cache
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
banner login ^CC
% Password change notice.
Default username/password setup on AP is cisco/cisco with priv¾ilege level 15.
It is strongly suggested that you create a new username with privilege level
15 using the following command for console security.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want to
use. After you change your username/password you can turn off this message
by configuring "no banner login" and "no banner exec" in privileged mode.
^C
line con 0
privilege level 15
login local
no activation-character
line vty 0 4
login local
cns dhcp
end
obap#
Here is the Router's Configuration:
Current configuration : 5908 bytes
! No configuration change since last restart
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname obrouter
boot-start-marker
boot-end-marker
logging buffered 51200
logging console critical
enable secret 5 $1$i9XE$DjxFVAEC9nC4/r6EQKCd6/
no aaa new-model
memory-size iomem 10
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
crypto pki trustpoint TP-self-signed-1856757619
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1856757619
revocation-check none
rsakeypair TP-self-signed-1856757619
crypto pki certificate chain TP-self-signed-1856757619
certificate self-signed 01
3082024D 308201B6 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31383536 37353736 3139301E 170D3036 30313032 31323030
34345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 38353637
35373631 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100B1A4 FB786547 3D582260 03DB768D 116BDE9A 309FBA04 B53F77B0 BFE32344
7C3439B3 97192B36 760A9411 1D5C7549 8D86F532 ABA44F53 0D08B7F4 A9A747D5
071330C3 65BF25A8 927F3596 29BB5A80 90C8D169 22268476 3B8DDE1E FDB7170D
B4820D03 5580A849 A92C7E76 9AC10867 505A2FEE 64360741 7F9DBDBF 3D79982C
F81D0203 010001A3 75307330 0F060355 1D130101 FF040530 030101FF 30200603
551D1104 19301782 156F6272 6F757465 722E6272 75736868 6F672E63 6F6D301F
0603551D 23041830 168014D8 5BC2FFB2 967A4C7B 11B44122 5C8D31F7 749B9230
1D060355 1D0E0416 0414D85B C2FFB296 7A4C7B11 B441225C 8D31F774 9B92300D
06092A86 4886F70D 01010405 00038181 005901F1 C239074B B8213567 CF7B65BF
DAFE4557 69B2A3B1 5F2593C7 A54B9598 23FD5E7A 563AA6E0 AFB25801 FA0061E8
F9545372 DB600B3A BE68AE65 1EDA593E 6A0C96B8 5A4136AF 393F9AAC 651E1C36
B8B7C6C0 47936C24 D2ECE9A5 9446EE32 FC7461FA AD8CF1CE A7FBF341 07E9C3C6
505AB88D 0E7FCAFC 5792298A E5E4D1FE CC
        quit
no ip source-route
ip dhcp excluded-address 192.168.0.1 192.168.0.99
ip dhcp pool ccp-pool1
   import all
   network 192.168.0.0 255.255.255.0
   dns-server 216.49.160.10 216.49.160.66
   default-router 192.168.0.1
ip cef
no ip bootp server
ip domain name brushhog.com
ip name-server 216.49.160.10
ip name-server 216.49.160.66
license udi pid CISCO861W-GN-A-K9 sn FTX155281FY
username tech38 privilege 15 secret 5 $1$d/4Z$n/23EsXbzfHF5XfJ8Nv.y0
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
pppoe-client dial-pool-number 1
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.0.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1412
interface Dialer0
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip flow ingress
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname XXXXXXXXXXXXX
ppp chap password 7 XXXXXXXXXXXXXXXX
ppp pap sent-username XXXXXXXXXXXXXX password 7 XXXXXXXXXXX
no cdp enable
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source static tcp 192.168.0.25 80 interface Dialer0 80
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.0.0 0.0.0.255
dialer-list 1 protocol ip permit
no cdp run
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^CAuthorized access only!
Disconnect IMMEDIATELY if you are not an authorized user!^C
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end
Any help would be appreciated

Hello,
i have the same problem with router CISCO861W-GN-E-K9. Version 12.4(22r)YB5, RELEASE SOFTWARE (fc1)
Can someone help?
Thank you.
Here is my config for internal AP and router.

Does Cisco 857 router support Easy VPN?!!

Hi,
I've a Cisco 857 router with a 12.4(6)T IOS.
I want to configure it to act as an Easy VPN server, to allow my remote clients -using cisco vpn clients- to access the internal resourses behind the router.
Is it applicable with this router model?!!
thanks and regards,
Ala

Ala, upsolutely, you would probably need advance k9 security image, check at software advisory tools and slect software features for your platform.
sofware advisory
http://tools.cisco.com/Support/Fusion/FusionHome.do
857 Models See table 3 Software feature
http://www.cisco.com/en/US/prod/collateral/routers/ps380/ps6195/product_data_sheet0900aecd8028a9a9_ps380_Products_Data_Sheet.html
HTH
Rgds
Jorge

Problem with Cisco 831 router NAT translation or routing

Hello,
I’ve reviewed several post on this forum, very useful, and I think this 831 router config should allow for NAT'ng port 8080 to the ‘inside’ ip address, per this statement below. but my efforts have not been successful, no responses get back to outside client (xx.24.40).   clients on inside can communicate outbound fine. The iis server at .10.3 is definitely up and running on port 8080. I know this is probably a duplicate of other posts but if anyone can pinpoint my error I would really appreciate it!!
ip nat inside source static tcp 10.10.10.3 8080 interface Ethernet1 8080
Here is some debug ip nat output when attemping to connect on port 8080, do not get response back from server to external client (xx.24.40)….
Feb 03 13:22:49 10.10.10.1 297472: *Mar 2 00:09:31.894: NAT: o: tcp (xx.xx.254.40, 44123) -> (xx.xx.254.128, 8080) [21674]
Feb 03 13:22:49 10.10.10.1 297473: *Mar 2 00:09:31.894: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21674]
Feb 03 13:22:52 10.10.10.1 297474: *Mar 2 00:09:34.906: NAT: o: tcp (xx.xx.254.40, 44122) -> (xx.xx.254.128, 8080) [21678]
Feb 03 13:22:52 10.10.10.1 297475: *Mar 2 00:09:34.906: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21678]
Feb 03 13:22:52 10.10.10.1 297476: *Mar 2 00:09:34.906: NAT: o: tcp (xx.xx.254.40, 44123) -> (xx.xx.254.128, 8080) [21679]
Feb 03 13:22:52 10.10.10.1 297477: *Mar 2 00:09:34.906: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21679]
Feb 03 13:22:58 10.10.10.1 297478: *Mar 2 00:09:40.906: NAT: o: tcp (xx.xx.254.40, 44122) -> (xx.xx.254.128, 8080) [21684]
Feb 03 13:22:58 10.10.10.1 297479: *Mar 2 00:09:40.906: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21684]
Feb 03 13:22:58 10.10.10.1 297480: *Mar 2 00:09:40.906: NAT: o: tcp (xx.xx.254.40, 44123) -> (xx.xx.254.128, 8080) [21685]
Feb 03 13:22:58 10.10.10.1 297481: *Mar 2 00:09:40.910: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21685]
Feb 03 13:23:10 10.10.10.1 297482: *Mar 2 00:09:52.922: NAT: o: tcp (xx.xx.254.40, 44124) -> (xx.xx.254.128, 8080) [21698]
Feb 03 13:23:10 10.10.10.1 297483: *Mar 2 00:09:52.922: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21698]
Feb 03 13:23:13 10.10.10.1 297484: *Mar 2 00:09:55.930: NAT: o: tcp (xx.xx.254.40, 44124) -> (xx.xx.254.128, 8080) [21702]
Feb 03 13:23:13 10.10.10.1 297485: *Mar 2 00:09:55.930: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21702]
Feb 03 13:23:19 10.10.10.1 297486: *Mar 2 00:10:01.934: NAT: o: tcp (xx.xx.254.40, 44124) -> (xx.xx.254.128, 8080) [21709]
Feb 03 13:23:19 10.10.10.1 297487: *Mar 2 00:10:01.934: NAT: s=xx.xx.254.40, d=xx.xx.254.128->10.10.10.3 [21709]
Feb 03 13:23:58 10.10.10.1 297489: *Mar 2 00:10:41.306: NAT: expiring xx.xx.254.128 (10.10.10.3) tcp 8080 (8080)
538-R1023-C830#sh running-config full
Building configuration...
Current configuration : 4329 bytes
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname 538-R1023-C830
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
no logging console
no aaa new-model
resource policy
ip subnet-zero
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1
ip dhcp pool sdm-pool
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
   dns-server 10.1.18.152
   lease 0 2
ip cef
ip domain list sd.cox.net
ip domain name sd.cox.net
no ip ips deny-action ips-interface
no ftp-server write-enable
crypto pki trustpoint TP-self-signed-75609932
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-75609932
revocation-check none
rsakeypair TP-self-signed-75609932
crypto pki certificate chain TP-self-signed-75609932
certificate self-signed 01
<snip>
interface Ethernet0
description inside
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
interface Ethernet1
description outside
ip address dhcp
ip access-group 101 in
ip nat outside
ip virtual-reassembly
duplex auto
interface Ethernet2
no ip address
shutdown
interface FastEthernet1
no ip address
duplex auto
speed auto
interface FastEthernet2
no ip address
duplex auto
speed auto
interface FastEthernet3
no ip address
duplex auto
speed auto
interface FastEthernet4
no ip address
duplex auto
speed auto
no ip classless
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 600 life 86400 requests 10000
ip nat inside source list 1 interface Ethernet1 overload
ip nat inside source static tcp 10.10.10.3 8080 interface Ethernet1 8080
logging trap debugging
logging 10.10.10.3
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 101 permit ip any any
control-plane
banner login ^C
^C
line con 0
login local
no modem enable
line aux 0
line vty 0 4
privilege level 15
login local
transport input telnet ssh
scheduler max-task-time 5000
end

Hi Alain,
yes, the client i was testing with is on the same subnet as public router ip. Good thought on the firewall, I will disable any firewall on iis machine (my laptop) and re-test. will reply with those results on Monday.   ultimately i'm needing to test nat for port 9100 to a printer, I'll add that and test as well, firewall shouldn't be a factor with printer.
thank you.
Grant

Cisco IOS Router to PIX VPN Issues

Hi Everyone,
I have a small issue here which someone may be able to shed some light on.
I have a Cisco IOS router which is terminating a site-to-site VPN connection on the dialer interface. The PIX on the other end is behind a NAT router. The tunnel is being established and one subnet is able to see another when the tunnel is up. The thing we are having an issue is both networks on each side of the VPN contain multiple subnets and i cannot connect to all the subnets over the same tunnel.
Any ideas.

Yes all this is setup.
I have just found out that Cisco IOS can only make connections from 1 network per crypt map unless multiple connections are made from server to host. This is quite disturbing because i have not seen this in any documentation.
Does anyone know of IOS to PIX IPsec with multiple subnets on each side of the network.

I am unable to browse internet from my cisco 881 router and configuration is below could any one help me in this regard

HOME#sho run
Building configuration...
Current configuration : 5657 bytes
! Last configuration change at 10:51:11 UTC Fri May 17 2013 by admin
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname HOME
boot-start-marker
boot-end-marker
logging buffered 51200 warnings
enable secret 5 $1$bgx9$VrtQW3Wg182VyYhKAHLbN.
no aaa new-model
memory-size iomem 10
crypto pki trustpoint TP-self-signed-1190003239
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1190003239
revocation-check none
rsakeypair TP-self-signed-1190003239
crypto pki certificate chain TP-self-signed-1190003239
certificate self-signed 01
3082024A 308201B3 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31313930 30303332 3339301E 170D3133 30353137 31303333
35315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 31393030
30333233 3930819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100C002 80BBF151 E095E469 AA7DBB18 2A9E3CC2 4AC223F6 ABE0AF49 876C1203
65D0E246 786F174D E5B7897A 44C5755A 2571E58A 184A6C62 DD992A2A D8A24878
25A8D3C3 03F5D3C2 522EC8BB 302B0CCD 2945087A 7AF01418 D0056679 6F64DB4A
BE2D5DA1 106CD03A 83B422A2 3CCBAE88 F2413123 12269390 6949DFE0 411118E7
8F210203 010001A3 72307030 0F060355 1D130101 FF040530 030101FF 301D0603
551D1104 16301482 12484F4D 452E7777 772E7961 686F6F2E 636F6D30 1F060355
1D230418 30168014 3D2D854D 1203F50D 77F4ABC5 B61CEAF6 C922F4DF 301D0603
551D0E04 1604143D 2D854D12 03F50D77 F4ABC5B6 1CEAF6C9 22F4DF30 0D06092A
864886F7 0D010104 05000381 8100B24C 48BACACE 87ADEA03 386F2045 CC89624A
4EB1AD09 062EB2A4 CF4C96CA 0B2CF001 BD2C3804 8DC47FED 6A5B5F0D 3965AC6E
4FC4682F 707E4132 8F27C083 C7FAE1BD 21D055E6 C79D5DAD 051B6321 D35DB4F2
044E6BBD DAD08B6A 6ED87C7E 08F4F7E1 4EFDFB6F 867AF6FA 84165CFC D219D56F
A82EABD4 AD9CFA24 A5088145 E571
        quit
ip source-route
ip routing protocol purge interface
ip dhcp excluded-address 10.10.10.1
ip dhcp pool ccp-pool
   import all
   network 10.10.10.0 255.255.255.248
   default-router 10.10.10.1
   domain-name www.google.com
   dns-server 192.168.1.1
   lease 0 2
ip cef
ip domain name www.yahoo.com
ip name-server 84.235.6.55
ip name-server 84.235.57.230
no ipv6 cef
multilink bundle-name authenticated
license udi pid CISCO881-SEC-K9 sn FCZ1516933C
username admin privilege 15 password 0 cisco
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
ip address dhcp
ip access-group 101 in
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 10.10.10.1 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat inside
ip nat enable
ip virtual-reassembly
ip tcp adjust-mss 1452
interface Vlan2
no ip address
ip nat inside
ip virtual-reassembly
ip default-gateway 192.168.1.1
ip forward-protocol nd
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 101 interface FastEthernet4 overload
ip route 0.0.0.0 0.0.0.0 FastEthernet4
access-list 23 permit 10.10.10.0 0.0.0.7
access-list 101 permit ip any any
dialer-list 1 protocol ip permit
no cdp run
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^C
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE
PUBLICLY-KNOWN CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL
NOT BE ABLE TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
^C
banner motd ^Cuthorized ^C
line con 0
login local
no modem enable
line aux 0
line vty 0 4
access-class 23 in
privilege level 15
password cisco
logging synchronous
login local
transport input telnet ssh
scheduler max-task-time 5000
end

HOME#ping 4.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.2.2.2, timeout is 2 seconds:
Success rate is 0 percent (0/5)
HOME#sh ip int br
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0              unassigned      YES unset down                  down
FastEthernet1              unassigned      YES unset down                  down
FastEthernet2              unassigned      YES unset down                  down
FastEthernet3              unassigned      YES unset down                  down
FastEthernet4              192.168.1.120   YES DHCP   up                    up
NVI0                       10.10.10.1      YES unset up                    up
Vlan1                      10.10.10.1      YES NVRAM down                  down
Vlan2                      unassigned      YES NVRAM down                  down
HOME#
fast ethernet is connected to my internet connection

Cisco DSL-Router 876W: VPN with Apple Builtin PPTP??

Hello
I spoke last week to someone about the VPN Problems with several Firewalls and Routers. I hate it to use VPN Tracker, Cisco VPN Client or IP Securitas. I would like to use only the builtin VPN Clients of the Apple OS X.
He suggest me to use Cisco 876 Router. That VPN should support the builtin VPN Client of Apple. Has some member of this forum testet this Router and get the VPN working?
I tried to contact Cisco here in Switzerland, but they have nearly any know-how of Apple Products
Who can help me?
Regards
Gérard

Hello
We had installed the Cisco Router with the VPN Server.
It is possible to make a connection with the builtin PPTP Client of Apple. The Connection is very instable. It disconnect every X minutes.
Ferther I am not able to use all the Apple Remote Desktop funktion. So I see the ARD Client at the VPN Site. Im am able to see which Program is running and are also able to update the ARD Client.
But the Control and Show Funktion off ARD ist not working.
So this solution ist not useable to do Remote Maintanance
Has someone the same problems or an idea why it is not working
Regard
Gérard

CISCO 831 E-mail Problem

Hi, I'm rather new to working with a Cisco equipment. Just switched to it from a Netgear a month ago. Got a weird problem with my Cisco 831 Router at the moment.
To send e-mail I need to log into my outgoing SMTP server. But since I install the 831 it just refuses to work. When you hit send it is immediately bounced back from "System Administrator" saying "Authentication Required". If I use a SMTP server that doesn't require authentication it works fine.
Before with the netgear it worked and I've tried putting it back in since the 831 was installed. And it still works placing the blame on the 831.
Anyone came across anything like this?
Any ideas?
Thanks,
Peter

Hi,
Thanks for your reply.
Hopefully this is what your after.
Building configuration...
Current configuration : 4650 bytes
version 12.3
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname admin
no logging buffered
enable secret xxxx.
username xxx password xxx
username xxx password xxx
username xxx password xxxx
no aaa new-model
ip subnet-zero
ip name-server 62.31.64.39
ip name-server 62.31.112.39
ip dhcp excluded-address 192.168.168.1
ip dhcp excluded-address 192.168.168.168
ip dhcp excluded-address 192.168.168.101
ip dhcp pool CLIENT
import all
network 192.168.168.0 255.255.255.0
default-router 192.168.168.1
lease 0 2
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
no ftp-server write-enable
interface Ethernet0
description CRWS Generated text. Please do not delete this:192.168.168.1-255.255.255.0
ip address 192.168.168.1 255.255.255.0 secondary
ip address 10.10.10.1 255.255.255.0
ip nat inside
no cdp enable
hold-queue 32 in
interface Ethernet1
ip address dhcp client-id Ethernet1
ip access-group 111 in
ip nat outside
ip inspect myfw out
duplex auto
no cdp enable
interface FastEthernet1
no ip address
duplex auto
speed auto
interface FastEthernet2
no ip address
duplex auto
speed auto
interface FastEthernet3
no ip address
duplex auto
speed auto
interface FastEthernet4
no ip address
duplex auto
speed auto
ip nat inside source list 102 interface Ethernet1 overload
ip nat inside source static tcp 192.168.168.168 5900 interface Ethernet1 5900
ip nat inside source static tcp 192.168.168.168 80 interface Ethernet1 80
ip nat inside source static tcp 192.168.168.168 21 interface Ethernet1 21
ip classless
ip http server
no ip http secure-server
access-list 23 permit 192.168.168.0 0.0.0.255
access-list 23 permit 10.10.10.0 0.0.0.255
access-list 102 permit ip 192.168.168.0 0.0.0.255 any
access-list 111 permit tcp any any eq ftp
access-list 111 permit tcp any any eq www
access-list 111 permit tcp any any eq 5900
access-list 111 permit icmp any any administratively-prohibited
access-list 111 permit icmp any any echo
access-list 111 permit icmp any any echo-reply
access-list 111 permit icmp any any packet-too-big
access-list 111 permit icmp any any time-exceeded
access-list 111 permit icmp any any traceroute
access-list 111 permit icmp any any unreachable
access-list 111 permit udp any eq bootps any eq bootpc
access-list 111 permit udp any eq bootps any eq bootps
access-list 111 permit udp any eq domain any
access-list 111 permit esp any any
access-list 111 permit udp any any eq isakmp
access-list 111 permit udp any any eq 10000
access-list 111 permit tcp any any eq 1723
access-list 111 permit tcp any any eq 139
access-list 111 permit udp any any eq netbios-ns
access-list 111 permit udp any any eq netbios-dgm
access-list 111 permit gre any any
access-list 111 deny ip any any
no cdp run
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
line vty 0 4
access-class 23 in
exec-timeout 120 0
login local
length 0
scheduler max-task-time 5000
end

Router Re-configuration Help

Need some advise / help. A client moved locations and running a Cisco 831 router, which is hooked up to a new internet connection. I have not much experience with Cisco Routing commands and the command panel. I attempted to configure the router with new ip and DNS, but still unable to get an internet connection. Wa
I have attached two configuration files - assume the changes were saved but also not sure if need to reset or reboot the Router.
Appreciate any help.
thank you!
-jon

I bet you fixed the issue by this time, but it appears that the default route statement (ip route 0.0.0.0 0.0.0.0 < >) is missing in new config.
hth
MS

Cisco 831 Power Supply

Hello,
please i cannot find part number of Power Supply for Cisco 831.
We need new one for this router.
Thank you
Tomas

PWR-830-WW1= is the part number for the CISCO830 Series External Spare AC Power Supply.
Below are some useful document URLs:
Cisco 831 Router and SOHO 91 Router Hardware Installation Guide
http://www.cisco.com/en/US/docs/routers/access/800/831/hardware/installation/guide/overview.html
Cisco Cable Product Numbers, Part Numbers, and Descriptions
http://www.cisco.com/en/US/products/hw/routers/ps332/products_tech_note09186a0080094b45.sh
tml
Upgrading Cisco IOS Software for the Cisco 806, 826, 827, 828, 831, 836, and SOHO70
Routers
http://www.cisco.com/en/US/products/hw/routers/ps380/products_tech_note09186a0080094b23.shtml
Marcos Hernandez
Technical Marketing Engineer
Cisco Systems, Inc.

Cisco 831 CRWS (web utility) not loading

Greetings. I just unwrapped my new Cisco 831 router, and everything worked out of the box (my post in this newsgroup is proof). However, when I attempt to access the CRWS web setup utility, I get a "Please wait while we check router version, IOS version, ..." and a blue progress bar infinitely fills up and re-starts-- it never allows me to get past this point and actually access the utility. My only guess is that I'm using Firefox v1.5 and this browser isn't supported-- but this would surprise me. Has anyone had this happen to them before, and does anyone have any possible solutions? Thanks in advance!

Hi
The system requirements for CRWS are:
* PC using the Microsoft Windows 95, Windows 98, Windows Me, Windows 2000, or Windows NT operating system.
* Netscape 4.5 or better
* IE 4.0 or better
* Java enabled on the Web browser
* Pentium II, 166 MHz or higher
* 800 by 600 screen resolution with 256 or more colors
It seems that Firefox isn't explicitly supported. Pls try IE or Netscape and see how you go.
Hope that helps - pls rate the post if it does.
Regards,
Paresh,

Cisco 891FW Router - Web Gui

Hey guys,
Bare with me, as I am Cisco newbie and not too familiar with their setups.
I essentially want to be able to use the web interface of the router to configure VPNs, port forwards, etc. and not use CLIs.
Just got a Cisco 891FW Router for a client and want to pre-setup everything, but I couldn't seem to get into the web interface of the router. After finding out (correct me if I am wrong) that it is disabled by default, so you will have to use console to configure it.
So with the cable console I was provided, I used putty and got into that interface (this is where I lack experience in use). Referring to this guide (http://www.cisco.com/c/en/us/td/docs/ios/12_2/configfun/configuration/guide/ffun_c/fcf005.pdf), I tried to enable the Web GUI of the router.
So the commands I ran are:
Router(config)# ip http server
Router(config)# ip http authentication aaa
Router(config)# aaa authentication login default local
I connected a ethernet cable from one of the LAN ports to my laptop and it got an IP address (192.168.15.100). I opened my web browser and put in http://<router name>, and nothing; even tried 192.168.15.1 as I figured that would be the web interface since I got a .15 address.
Did I miss a step or am I following the wrong guide? I am not too familiar with Cisco routers (beside you basic home/small business ones with the WebGUI enabled by default) so if you guys can show me a guide specific to my model, or give me a step-by-step on how to enable the web interface that would be appreciated.
Thanks for any help

Hi,
I'm a little rusty as I always use the CLI and only ever disable the web interface :), but your config looks a little weird.
Try this:
(config)#ip http server
(config)#ip http authentication local
(config)#username jbenoza privilege 15 secret 0 cisco
(config)#wri
Enter the IP address of the router (which will be the default gateway of the DHCP address you were provided) in the web browser and this will allow you to connect.
If you still experience issues, please post the output of a show run as there may be further configurations necessary.

Questions regarding Outlook Web App, Remote Desktop, Remote Web Access and VPN Access

Hi there,
I want to ask a series of questions regarding Outlook Web App, Remote Desktop, Remote Web Access and VPN access and was hoping whether you could help me. Below are my questions to ask you.
Outlook Web App - What do I need to configure in order to get my Exchange account to work with the OWA app on my iPhone? Is Office 360 required on the server that hosts Outlook Web App in our organisation? When I configure the settings and
connect I get the following message "couldn't connect - We couldn't connect to the server. Check your information and make sure it's correct." I can connect with other devices using Outlook Web App.
Remote Desktop - What do I need to configure in order to connect to my computer at work using Remote Desktop on my Windows Phone? When I configure the settings and connect I get the following message "Connection error - We couldn't connect
to the remote PC. Make sure the PC is turned on and connected to the network, and that remote access is enabled. Inquiring minds may find this error code helpful: 0x204" I can connect with other devices using Remote Desktop. There are currently no
RD Server settings in the Remote Desktop app on the Windows Phone and the only way I'm to connect to my PC at work is via Remote Desktop and not to be confused with the one by Microsoft, however the app is on a trial basis and times out every 5 minutes and
can only be used once every hour unless I purchased the app for £2.99 off the App Store but would ideally like to use the Microsoft Remote Desktop app though.
Remote Web Access - What do I need to configure in order to get Remote Web Access on my Windows Phone using a URL? When I log in using a URL I get the following message "There is a problem with this Web page. Please contact the person who manages
the server" I can connect with other devices using Remote Web Access. Also how do you enable the background option for Remote Web Access? I know how to do this in Remote Desktop but not in Remote Web Access. Remote Web Access works on PCs regardless
being onsite and offsite and on my iPhone, the same issue also occurs with my Nokia 5230s regardless of whether I'm using Opera Mobile or Mini or the latest Nokia Browser.
VPN access - How do you configure VPN access on a Windows Phone using VPN? I cannot find the protocols PPTP, L2TP, SSTP and IPsec in order to configure VPN access on the Windows Phone apart from IKEv2.
Many thanks,
RocknRollTim

Any help would be much appreciated.
Kind regards,
RocknRollTim

Cisco 831 and "Can't get video from the camera."

I'm running a Cisco 831 router with ios 12.4(5a) installed. Every time I try to initiate a video chat with a computer going through the router, I get the "Can't get video..." error. It works fine with computers on my internal network and if I bypass the Cisco router and plug straight into my Cable modem.
I've covered every conceivable TCP/UDP port being open (per numerous pages re: port 5060, 5190, etc.) and have even gone as far as testing with "permit UDP any any" and "permit TCP any any" at the top of the rules. No luck.
I've been reading about the possibly needing to "unbind" SIP (port 5060). Is this something that a Cisco 831 router would require? The router doesn't seem to respond to any of the documented Cisco command re: VoIP and does not have any phone support that I'm aware of.
If anyone has any info that can help me get his up-and-running, I'd be much obliged.
Thanks,
Matheau

Hi Kcritchie,
It will most likely look like that. But in this case it should be on the UDP protocol.
The link looks useful (it takes a scroll down to see it for others looking)
If I do nat bindlist in my Alcatel I get this
Last login: Thu Jun 29 12:36:20 on console
Welcome to Darwin!
Ralph-G4:~ Ralph$ telnet 10.0.0.138
Trying 10.0.0.138...
Connected to speedtouch.johnshome.
Escape character is '^]'.
Username :
(Pic line drawing edited out here )
=>nat bindlist
Application Proto Port
ESP esp 1
FTP tcp 21
GRE gre 1
H323 tcp 1720
IKE udp 500
ILS tcp 389
ILS tcp 1002
IP6TO4 6to4 1
IRC tcp 6660-6670
JABBER tcp 5222
JABBER tcp 15222
PPTP tcp 1723
RAUDIO(PNA) tcp 7070
RTSP tcp 554
=>
On my device this is because the SIP binding on UDP port 5060 is unbound.
2:30 PM Thursday; June 29, 2006

Cisco 831 Router to Configure VPN Access

Similar Messages

Maybe you are looking for