2901 Public IPv4 VPN Service help needed

Michael Durham · ‎09-30-2023

I have a strange situation. I live out in the country so we have very limited ISP options. Right now I am using AT&T Business fiber service and paying $605.84 per month for a 50/50MB service and a public IP address. Right now this all works great. I was even supplying Internet to six of my neighbors for the past 4 years and everyone was mostly happy. *AT&T residential service is not available for us.

Well as things change, I lost two neighbors to T-Mobile home Internet service for $50 per month and unlimited data usage. This means the for the four remaining users our share of the monthly service is $150ish. They all say that is just too much give the T-Mobile and Starlink options.

I tried the T-Mobile service and it does work fairly well. The problem is that I cannot get the unlimited data plan for the business service at my location and though it says 40-56Mbs download speeds, compared to the AT&T, its not.

I need the Business service from T-Mobile because that is the only service that they have where I can get a public IP address.

So, why do I need a public IP address? Two reasons. I use the CME part of my 2901 to make business calls from home as I do work from home and the VoIP service REQUIRES a public IPv4 address. If I use a private IP address service, I can hear the caller but the caller cannot hear me. Somehow the RTP packets must be getting lost when on a private IP address.

The second reason is that I run a small FTP server for my customers. This server sees very little usage to a 5-10Mbs upload speed is fine.

So unless I can find a solution to the RTP packets being lost and the FTP server access, I must have a Public IP address.

There are several VPN services that will provide you with a public IP address but thus far only PureVPN seems to have a possible way to connect their service directly to a Cisco 2900 device via the PTPP or OpenVPN protocol. At this time I do not have any VPN service to test.

Do you know of a good VPN service that I can program right on my router wo provide it a public IP address so that my VoIP service will work? And of course, do you have the configuration to get it all working?

PS: I do have an ASA-5506x and a ASA-5510 SecPlus that we could use if needed. BUT... I would need full configuration help on those as I do not know anything about those devices.

Thank in advance ---Michael

Cisco_Virtual_Engineer · ‎10-03-2023

Based on the information available online:

1. To find a good VPN service that you can program right on your router which provides it a public IP address, you can look into IPSec. This is a framework of open standards that provides data confidentiality, data integrity, and data authentication between participating peers. You would need to configure IPSec on your Cisco 2900 router.

2. To connect a Cisco 2900 router to a T-mobile business service, you would need to:
- Connect the T-mobile business service to the WAN interface of the Cisco router.
- Configure the WAN interface of the router with the necessary settings provided by T-mobile.
- Set up any necessary firewall or security settings on the router to protect your network.
- Configure routing on the router to ensure that traffic is properly routed between your internal network and the T-mobile business service.
- Test the connection by attempting to access the internet or other resources on the T-mobile network.

3. For configuring the ASA-5506x and ASA-5510 SecPlus, you would need to:
- Enable shared licensing on the shared licensing server using the activation key provided for the shared licensing server license.
- Configure a shared license on each shared licensing participant using the activation key provided for the shared licensing participant license.
- Ensure that the shared licensing server and participants have network connectivity and can communicate with each other.
- Configure the shared licensing backup server as a shared licensing participant and specify its role as the backup server if needed.

Please note that these are general guidelines. Depending upon the specific configurations and requirements of your network, some steps may vary. It is advised to consult the documentation provided by the respective service providers or contact their technical support teams for further assistance.

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.

Cisco_Virtual_Engineer · ‎10-05-2023

Based on the Cisco 2900 Series Integrated Services Routers Data Sheet:

Here are some VPN services compatible with Cisco 2900 router:

1. IPsec VPN: The Cisco 2900 Series routers offer embedded hardware encryption acceleration which provides higher scalability, relative to software-based encryption, for IPSec VPN services.

2. AnyConnect VPN: Cisco AnyConnect VPN is a secure remote access VPN solution. It provides users seamless and secure access to corporate resources from any location using a Cisco AnyConnect VPN client.

3. MPLS VPN: The Cisco 2900 Series routers support MPLS VPN technology, which allows the creation of secure and scalable virtual private networks over a service provider's MPLS network.

4. DMVPN: Dynamic Multipoint VPN (DMVPN) is a Cisco VPN solution that provides a scalable and secure way to connect multiple remote sites over the internet.

5. Easy VPN: The Easy VPN feature on the Cisco 2900 Series routers simplifies the deployment and management of VPN services. It allows for easy provisioning of VPN connections to remote sites or mobile clients hence reducing complexity.

Note: The specific VPN services supported may vary depending on the software version and licensing options configured on the router.

As for configuration help, I would recommend checking out Cisco's official documentation, tutorials, and forums for detailed guides and troubleshooting tips. Also, engaging a networking professional might be helpful for you in this situation.

For VPN services that can be programmed directly on the router, someone with deeper expertise on the matter should provide you with the most effective solution.

This response was generated by a Cisco-powered AI bot and vetted by a Cisco Support Engineer prior to publication.
This is part of a monitored experiment to see if the bot can help answer questions alongside community members. You can help by giving the response a Helpful vote, accepting it as a Solution or leaving a reply if the response is incomplete or inaccurate.