Hi everyone, i am trying to setup VPN to my home network and i can not get it :( my ISP provider is comcast (cable modem) from outside i am able just to ping my IP address, no vpn or not even able to telnet into my router. From My Lan i am able to do VPN or telnet into my router. My network setup is: cable modem | | 1710 || netgear switch || W2k server - 2 XP machines - laptop ( XP0) - red hat machine tell me what do you think?? this is my config Current configuration : 2266 bytes ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname zkcisco ! enable secret 5 $1$Wlj1$Zb3CKmbVrKM73J4J.. enable password cisco ! memory-size iomem 25 ip subnet-zero ! ! ip name-server 216.148.227.68 ip name-server 10.0.0.24 ip dhcp excluded-address 10.0.0.22 ! ip dhcp pool CLIENT import all network 10.0.0.0 255.0.0.0 default-router 10.0.0.22 dns-server 10.0.0.24 ! ip inspect name fw_all udp ip inspect name fw_all ftp ip audit notify log ip audit po max-events 100 vpdn enable ! vpdn-group 1 request-dialin protocol pptp ! vpdn-group zkvpn request-dialin protocol pppoe ! ! ! crypto isakmp policy 1 encr 3des authentication pre-share group 2 crypto isakmp key ramerss hostname guinness ! ! ! ! interface Ethernet0 ip address dhcp ip nat outside no ip route-cache no ip mroute-cache half-duplex no cdp enable ! interface FastEthernet0 ip address 10.0.0.22 255.0.0.0 ip nat inside no ip route-cache no ip mroute-cache speed auto no cdp enable ! ip nat inside source list 102 interface Ethernet0 overload ip nat inside source static udp 10.0.0.24 10000 interface Ethernet0 10000 ip nat inside source static tcp 10.0.0.24 500 interface Ethernet0 500 ip nat inside source static udp 10.0.0.24 50 interface Ethernet0 50 ip classless ip route 0.0.0.0 0.0.0.0 12.240.104.1 ip http server ! ! access-list 102 permit ip any any access-list 102 permit tcp any host 10.0.0.24 eq 1723 access-list 107 deny ip 10.0.0.0 0.255.255.255 any log access-list 107 deny ip 172.0.0.0 0.255.255.255 any log access-list 107 deny ip 127.0.0.0 0.255.255.255 any log access-list 107 deny ip 255.0.0.0 0.255.255.255 any log access-list 107 deny ip 224.0.0.0 0.255.255.255 any log access-list 107 deny ip 192.168.50.0 0.0.0.255 any log access-list 107 deny icmp any any echo log access-list 107 deny tcp any any eq finger access-list 107 permit ip any any no cdp run ! snmp-server enable traps snmp authentication linkdown linkup coldstart warms snmp-server enable traps tty snmp-server host 10.0.0.23 inform version 2c public snmp snmp-server host 10.0.0.23 public snmp ! line con 0 line aux 0 line vty 0 4 password cisco login ! end

where are you going to make a VPN? from cisco to where?

I am trying to make VPN from my work to my w2k server.

I think it will not work? where is the Tunnel interface ? and you access list , you are letting everyone in? I would goto Cisco.com and check out examples on there site..