Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
891
Views
0
Helpful
4
Replies

1720 Router w/IOS Firewall: How to configure a VPN ?

datajump
Level 1
Level 1

‎10-12-2001 02:13 PM - edited ‎02-21-2020 11:27 AM

We recently purchased a Cisco 1720 Router with the IOS Firewall Feature Pack. The configuration is dual ethernet, 1 serial. There is a T1 connected to the serial interface( direct to the internet ) and a DMZ on one ethernet interface and our private network on the other. It seems as though things are running smoothly. We are now looking to implement a VPN solution which would allow a Microsoft VPN client to make a connection. I am under the impression that the 1720 using an authentication server ( eg. a RADIUS server ) can handle the task. Am I correct ? If so, how can this be configured?

Thanks,

Ken

Labels:
0 Helpful
4 Replies 4

smalkeric
Level 6
Level 6

‎10-22-2001 08:38 AM

You don’t even need to implement Radius Authentication for a VPN tunnel. You said you are going to use the Microsoft VPN client. Are you planning to terminate the tunnel on your 1720 or directly on your RAS server? To go to the 1720, use Cisco’s VPN client software and configure IPSEC (you might need a software upgrade on the router to do this). To terminate on the RAS server, no changes on the 1720 should be needed.

0 Helpful

jhepting
Level 1
Level 1

‎10-24-2001 11:08 AM

Hi Ken,

You definatly need to confirm the version of software

currently running. Depending on the Microsoft OS you would like to participate in the VPN I would highly recomend using IPSec over PPTP (Microsoft encryption)

IPSec is far better suited as it helps provide maximum protection of the data being transfered. By running the Cisco IOS which supports Firewall and IPSec you can simply have a client terminate the VPN connection on the 1720 and have them feel as though they are locally on the internal LAN and help keep security as tight as possible.

By opening a small hole on the Firewall config to allow access to an internal device for remote access a larger hole than that of IPSec being terminated on the outside interface of the Firewall could be created.

0 Helpful

datajump
Level 1
Level 1
In response to jhepting

‎11-09-2001 05:55 AM

That certainly sounds like a reasonable solution. I am assuming this would involve using the Cisco VPN Client? Could I still use a Microsoft client that supports IPSec? Would you happen to have a sample configuration that I could build from ?

Thanks,

Ken

0 Helpful

scolombo
Cisco Employee
Cisco Employee
In response to datajump

‎11-19-2001 10:27 AM

I'm trying to do the same .

I'd like to set it up with the router as end point but got some problem .

I've set it to use PPTP , the windows client tries to connect , I see the connection to the 1723 port , but then fails stating the remote is not answering

Has anyone a working example ?

thanks

0 Helpful
Customers Also Viewed These Support Documents