Menu

PPTP VPN to a Cisco router

Continuing the previous post, another type of VPN connection to a Cisco router

Enable PPTP VPN connction to a Cisco router.
this type of connection is good for smartphone or linux clients,
 aaa authentication ppp auth local
 vpdn enable

 vpdn-group PPTP
  accept-dialin
   protocol pptp

   virtual-template 1
   !
I am connecting to the interface Loopback1, use an internet routable ip on the loopback eather the WAN interface
 interface Virtual-Template1
  ip unnumbered Loopback1
  ip mtu 1492
  ip tcp adjust-mss 1360
  load-interval 30
  peer default ip address pool ippool
  ppp mtu adaptive
  ppp encrypt mppe auto stateful
  ppp authentication pap chap ms-chap-v2 ms-chap callin auth
  ppp authorization auth
 !

!
ip local pool ippool 172.16.0.0 172.16.0.5

not much to explain,
possible to change the authentication mechanism in the interface by removing some of them,
such as "ppp authentication pap callin auth"

Hope this post was helpful, If it was please consider a donation:
BTC Address: 1CnyMpjd1RntRDxSus2hu2aDMyzL4Kj29N
LTC Address: LUqrKbzGihTU2GEnL3EwsuuLHCsxCJMdtR

6 comments:

  1. These kind of blog are very helpful and make people to fight these kind of problem, the people who have problem for using PPTP vpn server should go for this blog, thanks for sharing good work

    ReplyDelete
    Replies
    1. Thank you for the kind words,
      I'm glad I could help.

      Delete
  2. How do I surf the internet using the tunnel, ie, I want to navigate using the remote connection and not the local connection. I noticed that when configuring pptp server VPDN remote hosts do not get the default gateway. The question is, how do I navigate the internet using remote access (through vpn tunnel).

    ReplyDelete
    Replies
    1. all you'll need is to NAT the external traffic,
      in other words :

      ip access-list extended nat
      10 permit ip 172.16.0.0 0.0.0.7 any

      ip nat inside source nat interface [External interface] overload

      interface Virtual-Template1
      ip nat inside

      interface [External interface]
      ip nat outside

      Delete
    2. How could browse the internet and also use my tunnel connection, both, so I want to navigate using
      my local connection.
      Thanks.

      Delete
    3. You will need to disable the use of the VPN as a Default Gateway and route all the VPN networks manually

      1. from the Dialer navigate to Properties, Then to networking, Go to the Properties of "Internet Protocol TCP\IP", Advanced, uncheck the check-box

      2. Open Command prompt (Start > Run > 'cmd') add a route for every network \ address you need to access via the VPN and point it to the IP you get from the Dialer. For example
      route add 192.168.0.0 MASK 255.255.255.0 172.16.0.1
      route add 10.0.0.23 MASK 255.255.255.255 172.16.0.1

      Delete