cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
690
Views
0
Helpful
0
Replies

Easy VPN Remote - Enable Internet Access

My first post here. Hoping to learn and contributes my answers.

Issue

I need to enable Internet Access on an Easy VPN Remote Access setup. This VPN was setup originally setup using Cisco Configuration Professional. I read this document - http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008073b06b.shtml, however I have some queries before I actually make the change (trying to avoid to break any VPN config).

VPN Config:

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp key abcVPN address 11.22.33.44

!

crypto isakmp client configuration group ROVPN

key 12345678

dns 1.1.1.1

pool SDM_POOL_1

max-users 25

netmask 255.255.255.0

crypto isakmp profile ciscocp-ike-profile-1

   match identity group ROVPN

   client authentication list ciscocp_vpn_xauth_ml_1

   isakmp authorization list ciscocp_vpn_group_ml_1

   client configuration address respond

   virtual-template 1

interface Loopback0

ip address 192.168.70.1 255.255.255.0

interface Virtual-Template1 type tunnel

ip unnumbered Loopback0

tunnel mode ipsec ipv4

tunnel protection ipsec profile CiscoCP_Profile1

!

ip local pool SDM_POOL_1 192.168.70.50 192.168.70.100

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

The IP Address of "Loopback0" falls in the VPN DHCP pool, and according to the above Cisco document it should be different.

I was planning to change "Loopback0" IP to something like 172.1.1.1 /24 and then configure the required route-maps and acl's.

Is that correct? Please suggest the best way to complete this.

Cheers,


0 REPLIES 0
Content for Community-Ad