Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
725
Views
0
Helpful
1
Replies

cisco 878 router remote menagement and vpn

cisco_works
Level 1
Level 1

‎10-13-2006 04:14 AM

hi;

i have two question?

1-

i want to manage my 878 router remotely through G.shdsl interface over the internet with ssh or telnet or sdm..how should i configure the router 878 to able to do it for each one ssh,telnet and sdm.

2- is the configuration below for site-to-site ipsec vpn correct?

crypto isakmp policy 1

encryption 3des

hash sha

authentication pre-share

lifetime 86400

group 2

crypto isakmp key 12345678902345678901 address 1.2.3.4

crypto ipsec transform-set vpnset1 esp-3des esp-sha-hmac

crypto map to_merkez 1 ipsec-isakmp

set peer 1.2.3.4

set transform-set vpnset1

match address 105

access-list 105 permit ip 192.168.36.0 255.255.255.0 192.168.5.0 255.255.255.0

interface ATM0.1 point-to-point

crypto map to_merkez

Labels:
0 Helpful
1 Reply 1

cleidh_mor
Level 1
Level 1

‎10-13-2006 05:38 AM

Hi Cisco_Works,

In answer to point 1: Personally I would not recommend using telnet over the Internet (or at all if possible). Using ssh is much better and does everything that telnet would give you. To set up ssh, see this CCO doc:

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

You then need to open the necessary port on your outside interface. To do this, simply add the relevant line to your acl:

router (config)# ip access-li ext WAN_in

router (config-ext-nacl)# permit tcp host eq 22

You can do the same to allow SSL in order to manage the device via SDM.

Regarding your IPSec config - looks fine to me.

HTH.

Cheers,

Cleidh Mor

0 Helpful
Customers Also Viewed These Support Documents