Header
Home | Set as homepage | Add to favorites
  Search the Site     » Advanced Search
Sections
Syndication


Blogroll:

||||| ALL Cisco-Network ARTICLES |||||  
CCIE Journey,
The CCIE Journey,

Home : CCSP-Cisco Certified Security Professional : Simultaneous Easy VPN Client and Server Support

Simultaneous Easy VPN Client and Server Support

Oct 18,2009 by alperen

small font medium font large font
image

Simultaneous Easy VPN Client and Server Support

Cisco Easy VPN Remote Phase Two more fully supports configuring simultaneous Easy VPN Client and Cisco Easy VPN Server support on the same Cisco 1700 series routers. You can configure one outside interface as a Cisco Easy VPN Server and another outside interface on the same router as a Cisco Easy VPN Client. Figure 12-12 shows an example of a router (Rtr2) acting as both an Easy VPN Client and a Server.

Click To expand
Figure 12-12: Router (Rtr2) acting as both an Easy VPN Client and a Server

The following example shows the configuration for the VPN client and server features on Rtr2. Some lines were eliminated to conserve space:

Rtr2#show run
version 12.2
!
hostname Rtr2
!
aaa new-model
aaa authorization network vpn-client-grp local 
aaa session-id common
!
ip subnet-zero
no ip domain-lookup
ip ssh time-out 120
ip ssh authentication-retries 3
!
crypto isakmp policy 10
 authentication pre-share
 group 2
crypto isakmp client configuration address-pool local loc-pool
!
crypto isakmp client configuration group vpn-server-grp
 key vpn-grp-key
 dns 192.168.0.13 192.168.0.15
 wins 192.168.0.14 192.168.0.16
 domain vpn-test.com
 pool loc-pool
!
crypto ipsec transform-set trans-set-1 esp-3des esp-md5-hmac 
!
crypto ipsec client ezvpn client1
 connect auto
 group vpn-client-grp key vpn-grp-key
 mode client
 peer 1.1.100.17                                (Rtr1)
!
crypto dynamic-map dyn-map 1
 set transform-set trans-set-1 
!
crypto map dyn-map isakmp authorization list vpn-server-grp
crypto map dyn-map client configuration address respond
crypto map dyn-map 1 ipsec-isakmp dynamic dyn-map 
!
interface FastEthernet0/0
 description Connection to Branch Office - VPN Clients
 ip address 5.0.0.1 255.0.0.0
 crypto ipsec client ezvpn client1 inside
!
interface Serial0/0
 description Connection to Corporate Network - VPN Server
 ip address 1.0.0.1 255.0.0.0
 no fair-queue
 crypto ipsec client ezvpn client1
!
interface Serial0/1
 description Connection to telecommuters - VPN Clients
 ip address 1.2.0.1 255.255.0.0
 crypto map dyn-map                            (for server functionality)
 crypto ipsec client ezvpn client1 inside      (for client functionality)
!
ip local pool loc-pool 1.2.0.3 1.2.0.31 
ip classless
!
line con 0
line aux 0
line vty 0 4
end


Rtr2#

Cisco Easy VPN Remote Web Manager

Cisco Easy VPN Remote Phase Two introduced using the Cisco Easy VPN Remote Web Manager to manage the Cisco uBR905 and Cisco uBR925 cable access routers. The Cisco Easy VPN Remote Web Manager is a built-in web-interface application resident on the uBR905 and uBR925 devices. The Web Manager enables the user to avoid the command-line interface (CLI) to perform the following functions:

  • See the current status of any Easy VPN Remote Phase Two tunnels

  • Connect or disconnect a tunnel configured for manual control

  • Reset a tunnel configured for automatic connection

  • Be prompted for Xauth information if Xauth information is needed cp12Cisco VPN Firewall


582 times read

Related news
» Phase Two Features-Manual Tunnel Control
by alperen posted on Oct 18,2009
» NAT Interoperability Support
by alperen posted on Oct 18,2009
» Easy VPN Remote Phase Two
by alperen posted on Oct 18,2009
» Peer Host Name Enhancement
by alperen posted on Oct 18,2009
» Client Connection Process
by alperen posted on Oct 02,2009
Did you enjoy this article?
1 2 3 4 5
(total 0 votes)

comment Comments (0 posted) 

More Top News
CCSP-Cisco Certified Security Professional
arrow Cisco SAFE Implementation
arrow Preparation Documents
arrow Exam Topics
arrow Skills Required for the Exam
arrow Cisco SAFE Implementation Questions and Answers
arrow Access Control Lists Cisco
arrow Access List Basics
arrow Standard Access Lists
arrow Verifying ACLs
arrow Extended Access Lists
arrow TCP Access Lists
arrow UDP Access Lists
arrow ICMP Access Lists
arrow Named Access Lists
arrow Signature and Alarm Management Review
arrow Signature and Alarm Management Review Questions and Answers
arrow Event Viewer
arrow Managing Alarms
arrow Event Viewer Customization
arrow Preference Settings
arrow Sensor Installation
arrow Connecting to Your Network Sensor Appliance
arrow Sensor Bootstrap
arrow Sensor Installation and Configuration Review
arrow Sensor Installation and Configuration Questions and Answers
arrow Signature and Alarm Management
arrow CIDS Signatures
arrow Signature Series
arrow Signature Implementations
arrow Signature Classes
arrow Signature Types
arrow Signature Severity
Most Popular
Most Commented
Featured Author

alperen

image
<| Cisco Articles | Maximum Learning | All Cisco-Network Study Notes | Privacy Policy |>
If you think you own the material being used without permission, contact alperenmad[at]hotmail.com. material will be removed from the site.