PPTP behind Cisco 2821 - help!

D

David L. West

I have a Win2003 server that accepts MS RRAS PPTP VPN connections. Or
rather, it did until I moved them from the cheap soho routers they used to
be on to a shiny new 2821. The machine's public ip of 66.17.84.14 works;
outbound NAT and VPN is fine, I can RDC and FTP into the box. What doesn't
work is connecting to this box with PPTP. I get the familiar GRE error in
the event logs:

"The most common cause for this is that a firewall or router between the VPN
server and the VPN client is not configured to allow Generic Routing
Encapsulation..."

I found this article...

http://www.cisco.com/en/US/tech/tk827/tk369/technologies_configuration_example09186a00800949c0.shtml

.... but that doesn't quite apply, as the VPN server isn't behind NAT or PIX.
Public IP going right to the NIC.

I keep thinking this is an easy fix and if I were to just focus the full
light of my attention on it and google like mad I'd be able to fix it. That
was a month ago, so I'm looking for some help here.

Thanks,
Dave West

PS: Router config follows.

----------------------------------------------
Current configuration : 1421 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname rt00-core
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxx
no aaa new-model
!
ip cef
!
no ip domain lookup
multilink bundle-name authenticated
!
voice-card 0
no dspfarm
!
archive
log config
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
description v010-outside-link-to-citylink
encapsulation dot1Q 10
ip address 218.50.192.78 255.255.255.248
no ip unreachables
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
description v002-internal-mgt-vlan
encapsulation dot1Q 2
ip address 172.16.0.1 255.255.255.0
!
interface GigabitEthernet0/1.20
description v020-public-ip-inside
encapsulation dot1Q 20
ip address 66.17.84.1 255.255.255.240
no ip unreachables
!
ip default-gateway 218.50.192.73
ip route 0.0.0.0 0.0.0.0 218.50.192.73
archive
log config
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
description v010-outside-link-to-citylink
encapsulation dot1Q 10
ip address 218.50.192.78 255.255.255.248
no ip unreachables
!
interface GigabitEthernet0/1
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/1.2
description v002-internal-mgt-vlan
encapsulation dot1Q 2
ip address 172.16.0.1 255.255.255.0
!
interface GigabitEthernet0/1.20
description v020-public-ip-inside
encapsulation dot1Q 20
ip address 66.17.84.1 255.255.255.240
no ip unreachables
!
ip default-gateway 218.50.192.73
ip route 0.0.0.0 0.0.0.0 218.50.192.73
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top