http://indonetworksecurity.com/network-security/as-a-cisco-router-configuration-vpn-server-for-vpn-clients-using-pptp-and-mppe.htm
In this article I want to share how to configure a Cisco IOS router as a VPN server for VPN clients running Windows, using the Point-to-Point Tunneling Protocol (PPTP) and the Microsoft Point-to-Point Encryption protocol (MPPE).
As an example, and to make it easier to understand, the network topology is shown in Figure 1 below:
Note that before the VPN server configuration is performed, the basic configuration and routing on router R1 have already been set up and are working properly.
Starting the PPTP configuration on the router:
R1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
! --- Enable virtual private dial-up networking (VPDN).
R1(config)# vpdn enable
! --- Create a VPDN group and enter VPDN group configuration mode.
R1(config)# vpdn-group 1
! --- Enter accept-dialin configuration mode
! --- and allow the router to accept dial-in requests.
R1(config-vpdn)# accept-dialin
! --- Set PPTP as the tunneling protocol used by the router.
R1(config-vpdn-acc-in)# protocol pptp
! --- Define the virtual interface on the router used by the VPN clients.
! --- This example uses interface virtual-template 1.
R1(config-vpdn-acc-in)# virtual-template 1
R1(config-vpdn-acc-in)# exit
R1(config-vpdn)# exit
! --- Create an IP pool named "test" and give the IP range used by the VPN clients.
R1(config)# ip local pool test 192.168.168.1 192.168.168.20
! --- Create the virtual-template interface that will be used.
! --- Virtual-access interfaces take their IP address from the IP pool "test"
! --- and use the PAP, CHAP and MS-CHAP authentication protocols.
R1(config)# interface virtual-template 1
R1(config-if)# encapsulation ppp
R1(config-if)# peer default ip address pool test
! --- The virtual-access interface uses the interface on router R1 that is connected to the Internet.
R1(config-if)# ip unnumbered FastEthernet0/0
R1(config-if)# no keepalive
R1(config-if)# ppp encrypt mppe auto
R1(config-if)# ppp authentication pap chap ms-chap
R1(config-if)# exit
! --- Create user accounts for the VPN client users.
R1(config)# username webmedia password webmedia1
R1(config)# username teknonesia password teknonesia1
The complete configuration can be seen by running the command "show run":
R1# show run
Building configuration...
Current configuration : 1566 bytes
!
username webmedia password 0 webmedia1
username teknonesia password 0 teknonesia1
ip subnet-zero
ip cef
!
!
no ip domain lookup
ip domain name teknonesia.com
!
vpdn enable
!
vpdn-group 1
! Default PPTP VPDN group.
 accept-dialin
  protocol pptp
  virtual-template 1
!
interface FastEthernet0/0
 ip address 202.152.152.1 255.255.255.248
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.10.10.254 255.255.255.0
 duplex auto
 speed auto
!
interface Virtual-Template1
 ip unnumbered FastEthernet0/0
 peer default ip address pool test
 no keepalive
 ppp encrypt mppe auto
 ppp authentication pap chap ms-chap
!
ip local pool test 192.168.168.1 192.168.168.20
ip http server
ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 202.152.152.14
!
line con 0
 exec-timeout 0 0
line aux 0
line vty 0 4
 login teknonesia1234
!
!
The VPN server configuration on the router is now done; all that remains is to verify it and test the VPN connection from the VPN client computer.
The VPN configuration above can be verified using the commands below:
show debug
show user
show ip route connected
show vpdn
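The show commands above confirm that the tunnel comes up, not that its settings are strong. As an added example (not part of the original article), this Python script checks an excerpt of the running configuration shown earlier for four weak settings; the function name `audit_pptp_config` and the check IDs are assumptions made for illustration.

```python
import re

# Excerpt of the running configuration shown in this article.
RUNNING_CONFIG = """\
username webmedia password 0 webmedia1
username teknonesia password 0 teknonesia1
vpdn enable
!
vpdn-group 1
 accept-dialin
  protocol pptp
  virtual-template 1
!
interface Virtual-Template1
 ip unnumbered FastEthernet0/0
 peer default ip address pool test
 no keepalive
 ppp encrypt mppe auto
 ppp authentication pap chap ms-chap
!
ip http server
ip http secure-server
"""

def audit_pptp_config(config):
    """Return a sorted list of (check_id, offending_line) for weak settings."""
    findings = []
    for raw in config.splitlines():
        line = raw.strip()
        m = re.match(r"ppp authentication (.+)", line)
        if m:
            # MPPE session keys are derived from the MS-CHAP exchange, so a
            # client that authenticates with PAP or CHAP cannot be encrypted.
            weak = [p for p in m.group(1).split() if p in ("pap", "chap")]
            if weak:
                findings.append(("AUTH_NO_MPPE_KEYS", line))
        if line.startswith("ppp encrypt mppe") and "required" not in line.split():
            # Without "required" the router still accepts an unencrypted session.
            findings.append(("MPPE_NOT_REQUIRED", line))
        if re.match(r"username \S+ password 0 ", line):
            # Type 0 means the password is stored unencrypted in the config.
            findings.append(("CLEARTEXT_PASSWORD", line))
        if line == "ip http server":
            findings.append(("HTTP_MGMT_ENABLED", line))
    return sorted(findings)

if __name__ == "__main__":
    for check_id, line in audit_pptp_config(RUNNING_CONFIG):
        print(f"{check_id:20} {line}")
```

On the router, `ppp encrypt mppe auto required` and `ppp authentication ms-chap` clear the first two kinds of finding.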
That concludes my quick explanation of the basic configuration of a Cisco router as a VPN server.