Configuring Site-to-Site PPTP

Discussion in 'Cisco' started by Ben Franske, Jul 10, 2003.

  1. Ben Franske

    Ben Franske Guest

    I'm trying to configure a site-to-site pptp VPN using a Cisco 1700 and
    804. I already have the configuration working on the 1700 as it is
    currently providing pptp directly to PC's; however I also need to
    allow the 804 (which is dialing directly into the 1700) to be a VPN
    client.
    I think the configuration (of the client (the 804)) should be
    something like:
    vpdn enable
    vpdn-group 1
    request-dialin
    protocol pptp
    initiate-to ip xxx.xxx.xxx.xxx
    ppp authentication mschap
    but I don't know how to get the tunnel to come up.
    The 1700 is running NAT, the LAN is connected to Fa0/0 and current VPN
    users come in and go out of Fa0/0 (they just get a local IP address)
    the 804 will be dialing into the 1700, although it must be behind NAT
    (Fa0/0 on the 1700 is outside, Bri0/0 is inside) essentially the VPN
    on the 804 has to "reverse" the NAT, I need the systems on the E0 of
    the 804 to appear as if they were directly connected to the Fa0/0
    network on the 1700. Right now I'm using a second 1700 with a bridging
    configuration on the second 1700 and the 804, but I need to return
    that 1700 to regular service. Any help would be appreciated!
     
    Ben Franske, Jul 10, 2003
    #1
    1. Advertisements

  2. Ben Franske

    Ben Franske Guest

    I was under the impression from a number of pages on Cisco's site and
    usenet postings that you are able to do pptp site-to-site. If this is
    incorrect how else might I be able to set this up?

    Ben Franske
     
    Ben Franske, Jul 11, 2003
    #2
    1. Advertisements

  3. Ben Franske

    Rik Bain Guest

    Setup IPSEC tunnel bewteen the two...
     
    Rik Bain, Jul 11, 2003
    #3
  4. Ben Franske

    Ben Franske Guest

    Is there a site with good and clear instuctions on how to do this? I'm
    very familiar with the IOS (pptp was a snap), but I get lost in the
    key creation and so on that IPSEC requires. I don't need the data
    encrypted over the VPN because it is a BRI, and don't neccecarily want
    the overhead, but if that's the only way, I'll do it. I also do not
    have the crypto module in this 1700.

    Ben
     
    Ben Franske, Jul 12, 2003
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.