1710 and software VPN client

Discussion in 'Cisco' started by Chris, Sep 2, 2004.

  1. Chris

    Chris Guest

    At one site we have a Cisco 1710 router. It has been configured so
    that people can connect to it with the microsoft VPN client (I believe
    PPTP).

    I want to set it up so that I can connect to it using the Cisco VPN
    client software.

    I have not done this before, so can anyone tell me 1) how to find out
    if our router supports this 2) where I can't find information about
    how to configure the VPN features?

    Thanks
     
    Chris, Sep 2, 2004
    #1
    1. Advertisements

  2. Yes - it does support Cisco VPN Client connections.

    Here is the relevant bits of our config :-

    <SNIP>
    !
    aaa new-model
    !
    !
    aaa authorization network vpn-clientgroup local
    aaa session-id common
    !
    <SNIP>
    !
    ip subnet-zero
    !
    !
    no ip domain-lookup
    !
    ip audit notify log
    ip audit po max-events 100
    ip ssh time-out 120
    ip ssh authentication-retries 3
    !
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    group 2
    crypto isakmp client configuration address-pool local dynpool
    !
    crypto isakmp client configuration group vpn-clientgroup
    key *REMOVED*
    pool dynpool
    acl 111
    !
    !
    crypto ipsec transform-set transform-1 esp-3des esp-sha-hmac
    !
    crypto dynamic-map dynmap 1
    set transform-set transform-1
    !
    !
    crypto map dynmap isakmp authorization list vpn-clientgroup
    crypto map dynmap client configuration address respond
    crypto map dynmap 1 ipsec-isakmp dynamic dynmap
    !
    !
    !
    !
    interface Loopback0
    description Management Loopback address
    ip address *REMOVED*
    !
    interface Ethernet0
    ip address *PUBLIC ADDRESS REMOVED*
    half-duplex
    crypto map dynmap
    !
    interface FastEthernet0
    ip address *PRIVATE ADDRESS REMOVED*
    speed 100
    !
    ip local pool dynpool *ADDRESS RANGE REMOVED*
    ip default-gateway *PUBLIC ADDRESS REMOVED*
    ip classless
    ip route 0.0.0.0 0.0.0.0 *PUBLIC ADDRESS REMOVED*
    ip route 10.0.0.0 255.0.0.0 *PRIVATE ADDRESS REMOVED*
    ip route *REMOVED*
    no ip http server
    ip pim bidir-enable
    !
    !
    logging trap debugging
    logging source-interface FastEthernet0
    logging *REMOVED*
    access-list 111 permit ip *REMOVED* *POOL ADDRESS RANGE REMOVED*
    access-list 111 permit ip *REMOVED* *POOL ADDRESS RANGE REMOVED*
    no cdp run
    !
    <SNIP>

    Pete
     
    Pete Mainwaring, Sep 3, 2004
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.