I have a ZyWALL P1 behind our Cisco 1841 and I'm trying to pass through VPN on the Cisco 1841. The ZyWALL P1 is the terminator on the inside network and its IP address is 172.16.178.1. However, the ZyWALL P1 is not our device; it belongs to another agency with which we need to establish a VPN. Here is my configuration on the Cisco 1841:
cisco#sh run
Building configuration...
Current configuration : 4072 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname cisco
!
boot-start-marker
boot-end-marker
!
security authentication failure rate 3 log
security passwords min-length 6
no logging on
!
no aaa new-model
!
resource policy
!
clock timezone CST -1
clock summer-time CDT recurring
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip source-route
ip cef
!
!
ip tcp synwait-time 10
no ip dhcp use vrf connected
!
!
no ip bootp server
ip domain name mikroaldi.org
ip name-server 195.222.32.10
ip name-server 195.222.32.20
!
!
!
!
interface FastEthernet0/0
 description LAN$ES_LAN$
 ip address 10.0.1.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat inside
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface FastEthernet0/1
 description WAN
 ip address 92.36.231.254 255.255.255.252 secondary
 ip address 80.65.83.48 255.255.255.192
 ip access-group 101 in
 ip verify unicast reverse-path
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip nat outside
 ip route-cache flow
 duplex auto
 speed auto
 no mop enabled
!
interface Serial0/0/0
 no ip address
 no ip redirects
 no ip unreachables
 no ip proxy-arp
 ip route-cache flow
 shutdown
!
ip classless
ip route 0.0.0.0 0.0.0.0 80.65.83.1
ip route 10.0.0.0 255.255.255.0 10.0.1.10
!
ip http server
ip http authentication local
ip nat inside source list AllowNAT interface FastEthernet0/1 overload
ip nat inside source static tcp 80.65.83.48 3389 10.0.0.11 3389 extendable
ip nat inside source static tcp 10.0.1.10 21 80.65.83.48 21 extendable
ip nat inside source static tcp 10.0.1.10 22 80.65.83.48 22 extendable
ip nat inside source static tcp 10.0.1.10 25 80.65.83.48 25 extendable
ip nat inside source static tcp 10.0.1.10 80 80.65.83.48 80 extendable
ip nat inside source static tcp 10.0.1.10 110 80.65.83.48 110 extendable
ip nat inside source static tcp 10.0.1.10 143 80.65.83.48 143 extendable
ip nat inside source static tcp 10.0.1.10 443 80.65.83.48 443 extendable
ip nat inside source static udp 10.0.1.10 500 80.65.83.48 500 extendable
ip nat inside source static tcp 10.0.1.10 1723 80.65.83.48 1723 extendable
ip nat inside source static tcp 10.0.1.10 2525 80.65.83.48 2525 extendable
ip nat inside source static tcp 10.0.1.10 3389 80.65.83.48 3389 extendable
ip nat inside source static udp 10.0.1.10 4500 80.65.83.48 4500 extendable
ip nat inside source static tcp 10.0.1.10 5900 80.65.83.48 5900 extendable
!
ip access-list extended AllowNAT
 permit tcp any any eq 1723
 permit tcp any any
 permit udp any any eq isakmp
 permit udp any any
 permit ip any any
!
no logging trap
access-list 101 deny ip 217.33.40.208 0.0.0.15 any log
access-list 101 deny ip 220.132.157.0 0.0.0.255 any log
access-list 101 deny ip 77.74.231.0 0.0.0.255 any log
access-list 101 deny ip 60.29.110.0 0.0.0.255 any
access-list 101 deny ip 219.143.199.160 0.0.0.15 any
access-list 101 permit ip host 77.74.224.138 any
access-list 101 permit ip host 80.65.78.180 any
access-list 101 permit ip host 172.16.178.1 any
access-list 101 permit ip 172.16.0.0 0.0.255.255 any
access-list 101 permit ip 10.0.1.0 0.0.0.255 any
access-list 101 permit udp any any
access-list 101 permit ip any any
no cdp run
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
!
scheduler allocate 4000 1000
end
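
A check of the static NAT rules in the configuration above, as an added example that is not part of the original post: it parses the `ip nat inside source static` lines and reports whether UDP 500 (IKE) and UDP 4500 (NAT-T) are forwarded to the address the post gives for the ZyWALL, and whether any rule has the WAN address in the local-IP field. The function names `parse_static_nat` and `audit` are hypothetical, and the embedded lines are a subset copied from the post.

```python
import re

# Lines copied from the configuration in the post (subset of its static NAT rules).
CONFIG = """\
ip nat inside source static tcp 80.65.83.48 3389 10.0.0.11 3389 extendable
ip nat inside source static tcp 10.0.1.10 443 80.65.83.48 443 extendable
ip nat inside source static udp 10.0.1.10 500 80.65.83.48 500 extendable
ip nat inside source static tcp 10.0.1.10 1723 80.65.83.48 1723 extendable
ip nat inside source static udp 10.0.1.10 4500 80.65.83.48 4500 extendable
"""
VPN_TERMINATOR = "172.16.178.1"  # ZyWALL address stated in the post
WAN_IP = "80.65.83.48"           # primary address on FastEthernet0/1 in the post
# Ports an IPsec gateway behind NAT must receive: IKE and NAT-T.
IPSEC_PORTS = {("udp", 500): "IKE", ("udp", 4500): "NAT-T"}

# IOS field order: <proto> <local-ip> <local-port> <global-ip> <global-port>
STATIC_NAT = re.compile(
    r"^ip nat inside source static (tcp|udp) (\S+) (\d+) (\S+) (\d+)", re.M)

def parse_static_nat(config):
    """Return (proto, local_ip, local_port, global_ip, global_port) tuples."""
    return [(p, li, int(lp), gi, int(gp))
            for p, li, lp, gi, gp in STATIC_NAT.findall(config)]

def audit(config, terminator, wan_ip):
    """Return findings as (kind, proto, port, address) tuples."""
    findings = []
    rules = parse_static_nat(config)
    # A rule whose local (inside) address is the WAN address has its fields swapped.
    for proto, local_ip, local_port, _, _ in rules:
        if local_ip == wan_ip:
            findings.append(("local-is-wan", proto, local_port, local_ip))
    # Each IPsec port must be forwarded to the VPN terminator, not another host.
    for proto, port in IPSEC_PORTS:
        targets = sorted({r[1] for r in rules if r[0] == proto and r[4] == port})
        if not targets:
            findings.append(("missing", proto, port, None))
        elif terminator not in targets:
            findings.append(("wrong-target", proto, port, targets[0]))
    return findings

if __name__ == "__main__":
    for finding in audit(CONFIG, VPN_TERMINATOR, WAN_IP):
        print(finding)
```
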