SOURCECODEBD.NET

Live Experience

8.  CONFIGURE CISCO VPN CLIENT (PC)  REMOTE ACCESS VPN

HOW TO CONFIGURE CISCO VPN CLIENT (PC) / REMOTE ACCESS VPN
 
Interface IP Address Configuration 
 
R1 
 
Interface        IP Address           Subnet Mask 
Loopback0  100.100.100.100   255.255.255.0 
Fa 0/0            20.1.1.1                  255.0.0.0 
PC 1              20.1.1.20                255.0.0.0
 
 
Task  
 
Configure R1 with the VPN server configuration. 
Install Cisco VPN client software on the PC. 
Create a loopback 0 (100.100.100.100) and try sending traffic to this address from the PC 
and verify if the VPN tunnel is established or not. 
 
R1 
 
aaa new-model 
aaa authentication login list1 local 
aaa authorization network list2 local 
 
Username user1 password user1 
 
Crypto isakmp policy 10 
Encryption 3des 
Hash md5 
Authentication pre-share 
Group 2 
 
IP local pool p1 30.1.1.1 30.1.1.100 
 
Crypto isakmp client cocnfiguration group group1 
Key cisco123 
Pool p1 
 
crypto ipsec transform-set set1 esp-3des esp-md5-hmac 
 
Crypto dynamic-map dmap1 10 
Set transform-set set1 
Reverse-route 
 
Crypto map map1 10 ipsec-isakmp dynamic map1 
Crypto map map1 client configuration address respond 
Crypto map map1 client authentication list list1 
Crypto map map1 isakmp authorization list list2 
 
Int fa0/0 
Crypto map map1 
 
Int loopback 0 
IP address 100.100.100.100 255.0.0.0
 
 
PC client S/W installation : 
 
•  Install a Cisco VPN client on the remote user PC. 
•  Start  programs  Cisco systems VPN client  click VPN client. 
•  VPN client application starts. 
•  Click the “new” icon in the toolbar. 
•  Enter a name for the new connection enter field. 
•  Enter description of this connection in the description field. 
•  Enter the hostname or IP address of the remote VPN device (server) (20.1.1.1) 
that we want to access. 
•  Under the authentication tab, select the group authentication radio button. 
•  In the name field, enter the name of the IPSec group (group1) to which you 
belong. 
•  In the password field, enter the password (cisco123) for IPSec group. 
•  Verify password in the confirm password field. 
•  Save the connection entery by clicking the save button.
•  Before we connect to the server from the client, send traffic trough the path where 
tunnel is established 
-Therefore, ping from PC (20.1.1.20) to loopback 0 (100.100.100.100) 
-PC > ping 100.100.100.100 –t (the output display that reply received frm 
the address 100.100.100.100). 
-Verify by clicking connect on the VPN client application.  The VPN client 
window prompts for username and password 
-In the user name field enter username (user1) 
-In the password field enter password (user1) 
-As soon as you enter the above details the connection is established.
 
 
Verification: 
 
R1#show crypto isakmp sa 
 
The output displays quick mode state and a connection id that indicates that tunnel is 
established 
 
R1#show crypto ipsec sa 
 
The output displays that packets passing the tunnel are encrypted and also decrypted. 
This indicates the tunnel created is secure, thus giving access to the remote clients to the 
server on the internet securely.
You are here: Home / VPN / HOW TO CONFIGURE CISCO VPN CLIENT (PC) / REMOTE ACCESS VPN