Configuring Site-to-Site PPTP

Discussion in 'Cisco' started by Ben Franske, Jul 10, 2003.

  1. Ben Franske

    Ben Franske Guest

    I'm trying to configure a site-to-site pptp VPN using a Cisco 1700 and
    804. I already have the configuration working on the 1700 as it is
    currently providing pptp directly to PC's; however I also need to
    allow the 804 (which is dialing directly into the 1700) to be a VPN
    I think the configuration (of the client (the 804)) should be
    something like:
    vpdn enable
    vpdn-group 1
    protocol pptp
    initiate-to ip
    ppp authentication mschap
    but I don't know how to get the tunnel to come up.
    The 1700 is running NAT, the LAN is connected to Fa0/0 and current VPN
    users come in and go out of Fa0/0 (they just get a local IP address)
    the 804 will be dialing into the 1700, although it must be behind NAT
    (Fa0/0 on the 1700 is outside, Bri0/0 is inside) essentially the VPN
    on the 804 has to "reverse" the NAT, I need the systems on the E0 of
    the 804 to appear as if they were directly connected to the Fa0/0
    network on the 1700. Right now I'm using a second 1700 with a bridging
    configuration on the second 1700 and the 804, but I need to return
    that 1700 to regular service. Any help would be appreciated!
    Ben Franske, Jul 10, 2003
    1. Advertisements

  2. Ben Franske

    Ben Franske Guest

    I was under the impression from a number of pages on Cisco's site and
    usenet postings that you are able to do pptp site-to-site. If this is
    incorrect how else might I be able to set this up?

    Ben Franske
    Ben Franske, Jul 11, 2003
    1. Advertisements

  3. Ben Franske

    Rik Bain Guest

    Setup IPSEC tunnel bewteen the two...
    Rik Bain, Jul 11, 2003
  4. Ben Franske

    Ben Franske Guest

    Is there a site with good and clear instuctions on how to do this? I'm
    very familiar with the IOS (pptp was a snap), but I get lost in the
    key creation and so on that IPSEC requires. I don't need the data
    encrypted over the VPN because it is a BRI, and don't neccecarily want
    the overhead, but if that's the only way, I'll do it. I also do not
    have the crypto module in this 1700.

    Ben Franske, Jul 12, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.