Cisco PPTP VPN Config

Would really appreciate any help on this..

I am trying to establish a PPTP VPN from a Cisco router with a third party and send selected traffic over that VPN.

Would appreciate if someone could confirm if this is possible and perhaps provide some assistance with the required confirm or possibly just supply a sample config.

Hardware / IOS is as follows:

Cisco 877W-G-A-M-K9 Router
(C870-ADVSECURITYK9-M), Version 12.4(15)T10
flash:c870-advsecurityk9-mz.124-15.T10.bin

I have an IP address, userid and pswd for the remote PPTP VPN.

Thanks in advance to anyone who can save my sanity :)
XXXXXX# show run
Building configuration...

Current configuration : 6744 bytes
!
! Last configuration change at 13:42:14 NTP Tue Dec 28 2010 by XXXXXX
! NVRAM config last updated at 07:46:38 NTP Tue Dec 28 2010 by XXXXXX
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname XXXXXX
!
boot-start-marker
boot-end-marker
!
logging buffered 51200
logging console critical
enable secret 5 $1$yXXX$IXCDkkg2zZdOB2RTSRf0B1
!         
no aaa new-model
clock timezone NTP 11
!
crypto pki trustpoint TP-self-signed-3906683008
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-3906683008
 revocation-check none
 rsakeypair TP-self-signed-3906683008
!
!
crypto pki certificate chain TP-self-signed-3906683008
 certificate self-signed 01
  30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030 
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 33393036 36383330 3038301E 170D3130 31323235 31383534 
  34365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649 
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D33 39303636 
  38333030 3830819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281 
  81009048 9F6716E9 4AF0942D C8B3D15C 7E77EFD9 95BCA110 D04D5D6C BA142CC0 
  5DA22760 BF77446F 4A768087 AF843670 929BB477 4F809D62 19EC295C 2C363398 
  64240BF2 97DA2052 ED72DA55 966A96B6 699C4DF2 8C2223EF C137EFE8 78DC3DB0 
  5470EC97 FF103C06 6650B990 2D72C7F4 F0FFCE41 4D99EAE4 DB6E682E F58F40CC 
  77C90203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603 
  551D1104 1C301A82 18534B59 4E45542D 5359442E 7061756C 7061796E 652E636F 
  6D301F06 03551D23 04183016 80144AA5 C6C82308 F79EBBEF C0616102 624CF292 
  0417301D 0603551D 0E041604 144AA5C6 C82308F7 9EBBEFC0 61610262 4CF29204 
  17300D06 092A8648 86F70D01 01040500 03818100 1460AC62 928A5FD7 55907DDF 
  2E624C2A E378AF8C 2D500E3F 97F725FA 8377B837 DD5CB0F8 51826C10 69ECA72B 
  A297A6E4 2A79DE15 59F61372 FEABC1EF D7275B9A 2BB5721F 65E34DC3 64F08165 
  98D5F423 EF0013EE 691BF515 C2580474 0BF22FE1 6DCA20D3 18A7B8B1 07FB16E6 
  0F67EAFE AD6D156E E55C51F0 EB3778B1 FF377945
  	quit
dot11 association mac-list 700
dot11 syslog
!
dot11 ssid XXXXXX
   authentication open 
!
no ip source-route
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.39
ip dhcp excluded-address 10.10.10.60 10.10.10.254
!
ip dhcp pool Primary
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1 
   dns-server XXX.XXX.XXX.XXX 
!
!
no ip bootp server
ip domain name XXXXXXXXX.XXX
ip name-server XXX.XXX.XXX.XXX
!
!
!
username XXXXXX privilege 15 secret 5 $1$wi4T$qPWv3dPGwoOQFMXXXXXX
username XXX password 7 XXXXXX
! 
!
archive
 log config
  hidekeys
!
!
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh authentication-retries 2
!
bridge irb
!
!
interface ATM0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 no atm ilmi-keepalive
 dsl operating-mode auto 
!
interface ATM0.1 point-to-point
 description $ES_WAN$$FW_OUTSIDE$
 pvc 8/35 
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
!         
interface FastEthernet2
!
interface FastEthernet3
!
interface Dot11Radio0
 no ip address
 !
 ssid XXXXXX
 !
 speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
 station-role root
 bridge-group 1
 bridge-group 1 subscriber-loop-control
 bridge-group 1 spanning-disabled
 bridge-group 1 block-unknown-source
 no bridge-group 1 source-learning
 no bridge-group 1 unicast-flooding
!
interface Vlan1
 description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$
 no ip address
 ip tcp adjust-mss 1452
 bridge-group 1
!
interface Dialer0
 ip address negotiated
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip mtu 1452
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 ip route-cache flow
 dialer pool 1
 dialer-group 1
 no cdp enable
 ppp authentication pap callin
 ppp pap sent-username XXXXXX@XXXXXX password 7 0613022D475BXXXXXXXX
!
interface BVI1
 description $ES_LAN$
 ip address 10.10.10.1 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1412
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
no ip http server
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.10 8090 interface Dialer0 8081
ip nat inside source static udp 10.10.10.10 8090 interface Dialer0 8081
!
logging trap debugging
access-list 1 remark INSIDE_IF=BVI1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 700 permit 001e.XXXX.XXXX   0000.0000.0000
access-list 700 permit 0012.XXXX.XXXX   0000.0000.0000
access-list 700 permit cc08.XXXX.XXXX   0000.0000.0000
access-list 700 permit 0021.XXXX.XXXX   0000.0000.0000
access-list 700 permit cc08.XXXX.XXXX   0000.0000.0000
access-list 700 permit 0023.XXXX.XXXX   0000.0000.0000
access-list 700 permit 001b.XXXX.XXXX   0000.0000.0000
access-list 700 permit 0024.XXXX.XXXX   0000.0000.0000
dialer-list 1 protocol ip permit
no cdp run
!
!
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
 
Cisco Configuration Professional (Cisco CP) is installed on this device 
and it provides the default username "cisco" for  one-time use. If you have 
already used the username "cisco" to login to the router and your IOS image 
supports the "one-time" user option, then this username has already expired. 
You will not be able to login to the router with this username after you exit 
this session.
 
It is strongly suggested that you create a new username with a privilege level 
of 15 using the following command.
 
username <myuser> privilege 15 secret 0 <mypassword>
 
Replace <myuser> and <mypassword> with the username and password you 
want to use.
 
-----------------------------------------------------------------------
^C
banner login ^CAuthorized access only!
 Disconnect IMMEDIATELY if you are not an authorized user!^C
!
line con 0
 exec-timeout 30 0
 logging synchronous
 login local
 no modem enable
 transport output telnet
line aux 0
 login local
 transport output telnet
line vty 0 4
 exec-timeout 30 0
 privilege level 15
 logging synchronous
 login local
 transport input ssh
!
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
ntp logging
ntp clock-period 17182131
ntp server XXX.XXX.XXX.XXX
end

XXXXXX#

Open in new window

LVL 2
SuncoreAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DIPRAJCommented:
http://www.cisco.com/application/pdf/paws/29781/pptp-ios.pdf

the above link may solve your problem..
after that you need to configure pptp client in your system.
in case you need help for client configuration please let me know
SuncoreAuthor Commented:
diprajbasu - Thanks for taking the time to comment - I appreciate it.

Unfortunately, that document does not relate to the solution I am trying to solve.

I want to local Cisco router to connect to a remote PPTP VPN.  i.e. the local Cisco router should be the VPN client, not the VPN server.

I want to send certain local traffic over a PPTP VPN established by the local Cisco.

Any ideas on if this is possible and if so how to achieve it?
DIPRAJCommented:
i think that is not possible..but i am not very much sure about it.

cisco support community says.."not possible"..you can check the same..just follow the below link.
https://supportforums.cisco.com/thread/2010872

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SuncoreAuthor Commented:
Thank you.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.