Solved

https sites  does work on cisco 1841 in ppoe

Posted on 2009-05-10
5
320 Views
Last Modified: 2012-05-06
Dear All,

I have a cisco 1841 router which is configured in PPPOE mode  I can browse the internet  but cannot browse the https sites. Any help would  be highly appriciated.

NObby
0
Comment
Question by:sankoorikal
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:mitrushi
Comment Utility
Can you post your config?
0
 

Author Comment

by:sankoorikal
Comment Utility
HI Mitrushi,

Thanks for the reply.Please find the config.

Rgds,
hostname xxxxxxxx

boot-start-marker
boot-end-marker

enable secret xxxxx

mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef


ip dhcp excluded-address 192.168.1.200 192.168.1.253

ip dhcp pool 0
   network 192.168.1.0 255.255.255.0
   netbios-name-server 192.168.1.1
   dns-server 213.42.20.20 195.229.241.222
   default-router 192.168.1.1
   lease 25


ip ips po max-events 100

username nobby privilege 15 secret 5745619

archive
 log config
  hidekeys
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
no crypto isakmp ccm

crypto isakmp client configuration group xxxxxx
 key xxxxxxx
 dns 192.168.1.254
 pool VITA-VPN-POOL
 acl 199


crypto ipsec transform-set VITAVPN-SET esp-3des esp-md5-hmac
crypto dynamic-map VITAVPN-DYN 10
 set transform-set VITAVPN-SET
 reverse-route

crypto map VITAVPN-MAP client authentication list userauth
crypto map VITAVPN-MAP isakmp authorization list groupauth
crypto map VITAVPN-MAP client configuration address respond
crypto map VITAVPN-MAP 10 ipsec-isakmp dynamic VITAVPN-DYN




interface FastEthernet0/0
 description -Kidanet PPPoE Account-
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip mroute-cache
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
NO SHUT

interface FastEthernet0/1
 description -LAN Interface-
 ip address 192.168.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip mroute-cache
 duplex auto
 speed auto
 no cdp enable
interface Dialer0
 no ip address
 no cdp enable

interface Dialer1
 description -PPPoE Dialer-
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap callin
 ppp pap sent-username xxxxx password xxxxxx
 CRYPTO MAP VITAVPN-MAP

ip local pool VITA-VPN-POOL 172.31.1.1 172.31.1.10
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1


no ip http server
no ip http secure-server
ip nat inside source list 101 interface Dialer1 overload
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 remark ### NAT'd Traffic ###
access-list 101 deny   ip 192.168.0.0 0.0.255.255 172.31.1.0 0.0.0.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
access-list 102 permit ip any any
access-list 199 remark ### Split Tunnel ###
access-list 199 permit ip 192.168.0.0 0.0.255.255 172.31.1.0 0.0.0.255
access-list 199 remark ### Split Tunnel ###
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run




control-plane

line con 0
line aux 0
line vty 0 4
 password 5745619
 login
0
 
LVL 7

Accepted Solution

by:
mitrushi earned 500 total points
Comment Utility
configuration looks fine. It may be a fragmentation issue. Check the mtu on dialer 1 interface. It should be 1492. If it is not you can change it with mtu 1492 command when in interface config mode
show interface dialer 1

conf t
interface dialer 1
mtu 1492

0
 

Author Comment

by:sankoorikal
Comment Utility
Hi Mitrushi,
Thanks a ton
Rgds
0
 
LVL 7

Expert Comment

by:mitrushi
Comment Utility
my pleasure!
Take care
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Juniper VPN devices are a popular alternative to using Cisco products. Last year I needed to set up an international site-to-site VPN over the Internet, but the client had high security requirements -- FIPS 140. What and Why of FIPS 140 Federa…
If you use NetMotion Mobility on your PC and plan to upgrade to Windows 10, it may not work unless you take these steps.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now