[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

https sites  does work on cisco 1841 in ppoe

Posted on 2009-05-10
5
Medium Priority
?
331 Views
Last Modified: 2012-05-06
Dear All,

I have a cisco 1841 router which is configured in PPPOE mode  I can browse the internet  but cannot browse the https sites. Any help would  be highly appriciated.

NObby
0
Comment
Question by:sankoorikal
  • 3
  • 2
5 Comments
 
LVL 7

Expert Comment

by:Ilir Mitrushi
ID: 24353979
Can you post your config?
0
 

Author Comment

by:sankoorikal
ID: 24355114
HI Mitrushi,

Thanks for the reply.Please find the config.

Rgds,
hostname xxxxxxxx

boot-start-marker
boot-end-marker

enable secret xxxxx

mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef


ip dhcp excluded-address 192.168.1.200 192.168.1.253

ip dhcp pool 0
   network 192.168.1.0 255.255.255.0
   netbios-name-server 192.168.1.1
   dns-server 213.42.20.20 195.229.241.222
   default-router 192.168.1.1
   lease 25


ip ips po max-events 100

username nobby privilege 15 secret 5745619

archive
 log config
  hidekeys
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
no crypto isakmp ccm

crypto isakmp client configuration group xxxxxx
 key xxxxxxx
 dns 192.168.1.254
 pool VITA-VPN-POOL
 acl 199


crypto ipsec transform-set VITAVPN-SET esp-3des esp-md5-hmac
crypto dynamic-map VITAVPN-DYN 10
 set transform-set VITAVPN-SET
 reverse-route

crypto map VITAVPN-MAP client authentication list userauth
crypto map VITAVPN-MAP isakmp authorization list groupauth
crypto map VITAVPN-MAP client configuration address respond
crypto map VITAVPN-MAP 10 ipsec-isakmp dynamic VITAVPN-DYN




interface FastEthernet0/0
 description -Kidanet PPPoE Account-
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 no ip mroute-cache
 duplex auto
 speed auto
 pppoe enable
 pppoe-client dial-pool-number 1
 no cdp enable
NO SHUT

interface FastEthernet0/1
 description -LAN Interface-
 ip address 192.168.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip virtual-reassembly
 no ip mroute-cache
 duplex auto
 speed auto
 no cdp enable
interface Dialer0
 no ip address
 no cdp enable

interface Dialer1
 description -PPPoE Dialer-
 ip address negotiated
 no ip unreachables
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 no ip mroute-cache
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication chap callin
 ppp pap sent-username xxxxx password xxxxxx
 CRYPTO MAP VITAVPN-MAP

ip local pool VITA-VPN-POOL 172.31.1.1 172.31.1.10
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1


no ip http server
no ip http secure-server
ip nat inside source list 101 interface Dialer1 overload
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 101 remark ### NAT'd Traffic ###
access-list 101 deny   ip 192.168.0.0 0.0.255.255 172.31.1.0 0.0.0.255
access-list 101 permit ip 192.168.0.0 0.0.255.255 any
access-list 102 permit ip any any
access-list 199 remark ### Split Tunnel ###
access-list 199 permit ip 192.168.0.0 0.0.255.255 172.31.1.0 0.0.0.255
access-list 199 remark ### Split Tunnel ###
dialer-list 1 protocol ip permit
snmp-server community public RO
no cdp run




control-plane

line con 0
line aux 0
line vty 0 4
 password 5745619
 login
0
 
LVL 7

Accepted Solution

by:
Ilir Mitrushi earned 2000 total points
ID: 24355580
configuration looks fine. It may be a fragmentation issue. Check the mtu on dialer 1 interface. It should be 1492. If it is not you can change it with mtu 1492 command when in interface config mode
show interface dialer 1

conf t
interface dialer 1
mtu 1492

0
 

Author Comment

by:sankoorikal
ID: 24362932
Hi Mitrushi,
Thanks a ton
Rgds
0
 
LVL 7

Expert Comment

by:Ilir Mitrushi
ID: 24363462
my pleasure!
Take care
0

Featured Post

[Webinar] Cloud and Mobile-First Strategy

Maybe you’ve fully adopted the cloud since the beginning. Or maybe you started with on-prem resources but are pursuing a “cloud and mobile first” strategy. Getting to that end state has its challenges. Discover how to build out a 100% cloud and mobile IT strategy in this webinar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month19 days, 8 hours left to enroll

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question