07-09-2008 08:18 AM
Are there any docs available to explain and show VPN pass-through configuration? I have a c2821 which will be performing PBR, but I'm not clear on how to configure VPN pass-through. The VPNs that pass through are going to terminate on a Checkpoint FW.
Thanks in Advance
07-09-2008 08:47 AM
Suhale,
You need to allow the IPsec ports and protocols, or the PPTP VPN ports and protocols if using the Microsoft VPN client, via an ACL: create an ACL and apply it to your outbound interface facing the Internet.
Example in a router:
If using the Cisco VPN client, it needs ISAKMP = UDP 500, NAT-T UDP 4500 and ESP protocol 50:
access-list 101 permit udp any any eq 500 log
access-list 101 permit udp any any eq 4500 log
access-list 101 permit esp any any log
Interface
ip access-group 101 in
If using the Microsoft PPTP VPN client, you need to allow TCP 1732 and protocol GRE.
access-list 101 permit tcp any any eq 1723 log
access-list 101 permit gre any any log
Interface
ip access-group 101 in
If using both VPN clients, combine the ACL 101 together and apply it to the outbound interface.
This will allow your inside users to be able to VPN outbound.
Rgds
Jorge
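An added example, not part of Jorge's post: a small Python check that reads numbered extended ACL lines like the ones above and reports which pass-through requirements (UDP 500, UDP 4500 and ESP for IPsec; TCP 1723 and GRE for PPTP, as in the ACL lines) the ACL does not permit. It assumes first-match evaluation with the implicit deny at the end, ignores source and destination addresses, and only understands `eq` port matches; the function names and the sample ACL are constructed for illustration.

```python
# Requirements as (protocol, destination port or None), from the ACL lines in the post.
REQUIRED = {
    "ipsec": [("udp", 500), ("udp", 4500), ("esp", None)],
    "pptp": [("tcp", 1723), ("gre", None)],
}
PROTO_ALIASES = {"50": "esp", "47": "gre", "6": "tcp", "17": "udp"}
PORT_NAMES = {"isakmp": 500, "non500-isakmp": 4500}  # IOS keyword forms

def _skip_addr(tokens, i):
    """Advance past one address spec: 'any', or 'host A' / 'A WILDCARD'."""
    return i + 1 if tokens[i:i + 1] == ["any"] else i + 2

def parse_acl(config, acl_id):
    """Return [(action, protocol, dst_port)] for one numbered extended ACL."""
    entries = []
    for line in config.splitlines():
        t = line.split()
        if len(t) < 6 or t[0] != "access-list" or t[1] != str(acl_id):
            continue
        if t[2] not in ("permit", "deny"):  # e.g. remark lines
            continue
        proto = PROTO_ALIASES.get(t[3], t[3])
        i = _skip_addr(t, 4)
        if t[i:i + 1] == ["eq"]:  # source-port match, not relevant here
            i += 2
        i = _skip_addr(t, i)
        port = None
        if t[i:i + 1] == ["eq"] and i + 1 < len(t):
            p = t[i + 1]
            port = PORT_NAMES.get(p, int(p) if p.isdigit() else p)
        entries.append((t[2], proto, port))
    return entries

def first_match(entries, proto, port):
    """Action of the first entry covering proto/port; implicit deny otherwise."""
    for action, e_proto, e_port in entries:
        if e_proto in (proto, "ip") and e_port in (None, port):
            return action
    return "deny"

def missing_for_passthrough(config, acl_id):
    """Map each VPN type to the requirements the ACL does not permit."""
    entries = parse_acl(config, acl_id)
    return {vpn: [r for r in reqs if first_match(entries, *r) != "permit"]
            for vpn, reqs in REQUIRED.items()}

# Constructed sample: the combined ACL with the GRE line left out.
SAMPLE = """\
access-list 101 permit udp any any eq 500 log
access-list 101 permit udp any any eq 4500 log
access-list 101 permit esp any any log
access-list 101 permit tcp any any eq 1723 log
"""

if __name__ == "__main__":
    print(missing_for_passthrough(SAMPLE, 101))
```

Because addresses are ignored, the result only describes protocol and port coverage; an entry restricted to a specific host is treated as if it applied to all traffic.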
07-09-2008 01:28 PM
Jorge -
Many thanks for this - I'll give this a go
regards
Suhale