cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1146
Views
0
Helpful
15
Replies

VPN Setup

rezaul.karim
Level 1
Level 1

Hi

I have Cisco 2600 router.

Is it possible to setup VPN in it from external.

Any one help pls

Thanks

Reza

15 Replies 15

pkhatri
Level 11
Level 11

Reza,

You sure can. Here's a whole heap of sample configurations on how you can accomplish this - the precise one you use depends on what exactly you wish to achieve:

http://www.cisco.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html

Hope that helps - pls do remember to rate posts that help.

Paresh

Paresh

Thanks

I want to setup up VPN as users can access from anywhere.

Waiting for your comments and configuration pls

Regards

Reza

Reza,

You need to look at this config then:

http://www.cisco.com/en/US/tech/tk59/technologies_configuration_example09186a00800a393b.shtml

Hope that helps - pls do remember to rate posts that help.

Paresh

Paresh

Thanks for your response.

Router model is : 2600 and version: Version 12.2(8)T4,

But crypto command is not recognizing in this router.

Any other suggestion pls

Regards

Reza

Hi

You need to have either one of the following feature set to have support for VPN in your box.

Advanced IP Services,Advanced Enterprise Services or Advanced Security..

Do refer this link for the hardware requirment which can help you to fit in the above mentioned ios to have VPN..

http://www.cisco.com/en/US/products/sw/iosswrel/ps5460/prod_bulletin09186a00801af451.html

regds

Hi

Is it possible to use VPDN enable command by using another IOS.

Current IOS (Version 12.2(8)T4)is also not support this command

Any one help

Regards

Reza

Hi

The above mentioned IOS Code can support VPDN but you need to have the required feature set as i said in my previous post to get the same configured in your box..

To make yourself more precise you can check this link for finding out the exact ios code name which can give you the VPDN support in your box..

http://tools.cisco.com/Support/Fusion/FusionHome.do

regds

Hi

I could not able to open the site: http://tools.cisco.com/Support/Fusion/FusionHome.do

due to some additional access of user

Can you pls forward the site to me:

rezaul.karim@afghan-wireless.com

Thanks

Reza

Hi

Thats a software advisor tool for which you need to have CCO login with additional privileges to acces the same..

Post out your show version taken out from your router here so that compatible ios which can support your requirement can be checked..

regds

Hi Kumar

Thanks for your prompt response.

After updrading ios to 12.3 VPDN enable command is accepting.

Following is the config:

vpdn-group 1

! Default PPTP VPDN group

accept-dialin

protocol pptp

virtual-template 10

local name reza

username xxx password -----

VpnRouter#sh ver

Cisco Internetwork Operating System Software

IOS (tm) C2600 Software (C2600-IS-M), Version 12.3(6b), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2004 by cisco Systems, Inc.

Compiled Wed 19-May-04 23:04 by dchih

Image text-base: 0x80008098, data-base: 0x819B42DC

ROM: System Bootstrap, Version 12.2(7r) [cmong 7r], RELEASE SOFTWARE (fc1)

VpnRouter uptime is 2 hours, 23 minutes

System returned to ROM by reload

System image file is "flash:c2600-is-mz.123-6b.bin"

cisco 2621XM (MPC860P) processor (revision 0x100) with 94208K/4096K bytes of mem

ory.

Processor board ID JAD06480AGM (908718670)

M860 processor: part number 0, mask 32

Bridging software.

X.25 software, Version 3.0.0.

2 FastEthernet/IEEE 802.3 interface(s)

32K bytes of non-volatile configuration memory.

32768K bytes of processor board System flash (Read/Write)

Configuration register is 0x101

Would you pls provide the neccessary configuration as any one can access from anywhere througn vpn

Thanks in advance

Reza

Hi

Do find this link which contains different config scenarios discussed..

http://www.cisco.com/en/US/tech/tk827/tk369/tk388/tsd_technology_support_sub-protocol_home.html

regds

Hi

Thanks for this site.

ppp encrypt command is not supported on the current IOS.

I do not want to use aaa also

Can you pls look into this matter again

Regards

Reza

Hi

Can you post out the config which you have done till now and also the exact VPDN scenario you are trying out there..

regds

Hi Kumar

Thanks

Current configurations are as follows:

VpnRouter#sh run

Building configuration...

Current configuration : 1486 bytes

!

version 12.3

service timestamps debug uptime

service timestamps log uptime

service password-encryption

!

hostname VpnRouter

!

boot-start-marker

boot-end-marker

!

enable secret xxxx

enable password xxxx

!

username reza password xxx

username test password xxx

username rnd password xxx

clock summer-time PDT recurring

no network-clock-participate slot 1

no network-clock-participate wic 0

aaa new-model

!

!

aaa authentication login default local

aaa authentication ppp default local

aaa session-id common

ip subnet-zero

no ip routing

no ip cef

!

!

!

vpdn enable

!

vpdn-group 1

accept-dialin

protocol pptp

virtual-template 10

terminate-from hostname rnd

local name awcc

!

async-bootp dns-server 172.20.1.1

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface FastEthernet0/0

ip address 172.20.1.66 255.255.255.0

no ip route-cache

no ip mroute-cache

speed auto

full-duplex

!

interface FastEthernet0/1

ip address 172.16.3.47 255.255.255.0

no ip route-cache

no ip mroute-cache

speed auto

full-duplex

!

interface Virtual-Template10

ip unnumbered FastEthernet0/1

no ip route-cache

peer default ip address pool test

no keepalive

ppp authentication pap ms-chap

!

ip local pool test 172.20.1.221 172.20.1.230

ip http server

ip classless

!

!

dialer-list 1 protocol ip permit

!

!

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

exec-timeout 20 0

password xxxx

!

cns event test 11011

!

!

end

Whenever trying from outside the following is the :

error message

"Error 800: Unable to establish the VPN connection. The VPN server may be unreacheble or security parameters may not be configured properly for this connection"

Regards

Reza