Solved

HI i have a Cisco 800 series router, it seems to be blocking a pptp connection going through it. HELP worth 500?

Posted on 2004-04-21
12
577 Views
Last Modified: 2010-07-27
Hi

I have a cisco 800 series router. I'm trying to connect to a server behind it, though a microsoft pptp client. But the router doesn't allow it. It gets to the registering computer on network stage after verifying user name and password then bugs out and says server could not allocate an IP address. I read on the net somewhere that pptp and the cisco router both use GRE or something, they apartently conflict or something. Is there an access list or something i can setup to allow protocol access for GRE.

Or another solution if this is complete crap?

Thanks

Xaero
0
Comment
Question by:xaero_cool
12 Comments
 
LVL 7

Expert Comment

by:IceRaven
ID: 10877093
Hi xaero_cool,
What are you using to configure the router?  The CLI?

Cheers,
IceRaven
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 10877187
Xaero,

I ran into a similar situation before and it turned out to be that the DHCP service was not running on the server.

-Don
0
 
LVL 1

Author Comment

by:xaero_cool
ID: 10877884
I'm using the command line interface, and the DHCP is enabled becasue i can connect using a cisco VPN client and it works perfectly but pptp doesn't.

Any ideas?

Xaero
0
 
LVL 27

Expert Comment

by:Asta Cu
ID: 10878364
Have Cisco Router, was in the news, may be pertinent
http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-nonios.shtml
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 10882170
You need to do a "one to one" NAT translation to use PPTP through your router.  Yes, its because of the GRE protocol PPTP uses.  If you don't have a second public IP address to do a "one to one" NAT, you will need to look at a different solution.  What about using L2TP instead of PPTP?  You should then be able to forward TCP port 1701 and UDP port 500 to the VPN server.
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 1

Author Comment

by:xaero_cool
ID: 10882270
whats the command lines i would use to do the one to one NAT?
0
 
LVL 12

Accepted Solution

by:
Scotty_cisco earned 250 total points
ID: 10882856
you would do this

IP nat inside source static TCP 192.168.1.x 1723 interface e0 1723

where 192.168.1.x is the server address and the interface e0 is the address of the public interface on your router and port 1723 is for pptp
0
 
LVL 43

Assisted Solution

by:JFrederick29
JFrederick29 earned 250 total points
ID: 10883928
One to one NAT would be:

ip nat inside source static 192.168.x.x y.y.y.y (where y.y.y.y is your public IP address).
0
 
LVL 1

Author Comment

by:xaero_cool
ID: 11038385
Is there any other way if i didn't have a spare Ip address, and when you say spare i have a patch panel with a number of IP addresses which are all behind a router. The have extrenal access but through the router or do u mean an extra IP address on the same level as the router?
0
 
LVL 43

Expert Comment

by:JFrederick29
ID: 11125747
You would need another IP address from your ISP.  A routable, public IP address like the one assigned to the outside interface of your router, not an internal, private IP address.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

In a WLAN, anything you broadcast over the air can be intercepted.  By default a wireless network is wide open to all until security is configured. Even when security is configured information can still be intercepted! It is very important that you …
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now