SOURCECODEBD.NET

Live Experience

9.  CONFIGURE CISCO EASY VPN SERVER AND CLIENT (PC)

HOW TO CONFIGURE CISCO EASY VPN SERVER AND CLIENT (PC)
 
Interface IP Address Configuration 
 
R1 
 
Interface  IP Address   Subnet Mask 
Loopback0  100.100.100.100   255.255.255.0 
Fa 0/0     20.1.1.1   255.0.0.0 
 
Task  
 
Configure R1 as easy VPN server. 
Do not cofigure authentication and username and password. 
Create loopback address to send traffic from the client PC to verify the tunnel. 
 
 
R1 
 
aaa new-model 
aaa authorization network list2 local 
 
Crypto isakmp policy 10 
Encryption 3des 
Hash md5 
Authentication pre-share 
Group 2 
 
IP local pool p1 30.1.1.1 30.1.1.100 
 
Crypto isakmp client cocnfiguration group group1 
Key cisco123 
Pool p1 
 
crypto ipsec transform-set set1 esp-3des esp-md5-hmac 
 
Crypto dynamic-map dmap1 10 
Set transform-set set1
Reverse-route 
 
Crypto map map1 10 ipsec-isakmp dynamic map1 
Crypto map map1 client configuration address respond 
Crypto map map1 isakmp authorization list list2 
 
Int fa0/0 
Crypto map map1 
 
Int loopback 0 
IP address 100.100.100.100 255.0.0.0
 
PC :  Easy VPN client 
 
•  Install a Cisco VPN client on the PC. 
•  Start  programs  Cisco systems VPN client  click VPN client. 
•  VPN client application starts. 
•  Click the “new” icon in the toolbar. 
•  Enter name and description for the connection entry. 
•  Enter the hostname or IP address of the server. 
•  Under the authentication tab : enter the name of the IPSec group (group1) and 
   password for the group (cisco123). 
•  Save the connection entry 
-Before we connect to the server from the client PC, send traffic through the 
path where tunnel is established. 
-Therefore, ping from PC (20.1.1.20) to loopback 0 (100.100.100.100) 
-PC > ping 100.100.100.100 –t 
     The output displays that replies are received from the address 
•  Verify by clicking connect on the application.  It does not ask for username or password. 
 
Verification : 
 
R1#show crypto isakmp sa 
 
The output displays quick mode state and a connection id that indicates that tunnel is 
established 
 
R1#show crypto ipsec sa
 
The output displays that packets passing the tunnel are encrypted and also decrypted. 
This indicates the tunnel created is secure, thus giving access to the remote clients to the 
server on the internet securely.
You are here: Home / VPN / HOW TO CONFIGURE CISCO EASY VPN SERVER AND CLIENT (PC)