http://indonetworksecurity.com/network-security/as-a-cisco-router-configuration-vpn-server-for-vpn-clients-using-pptp-and-mppe.htm


In this article I want to share about how to configure a Cisco IOS Router as ourVPN Client VPN Server with its Windows OS yan uses Point-to-Point Tunnelling Protocol (PPTP) and Microsoft Point-to-Point Encryption Protocol (MPPE).

as an example for me to make it easier to understand its network topology likeFigure 1 below:

For the record before the VPN Server configuration is performed, and the basic configuration on Router R1 routingan been made ??and are already well underway.

Starting a Router Configuring PPTP:

R1 # configure terminal
Enter configuration commands, one per line. End with CNTL / Z.
! --- Enable virtual private dial-up networking.
R1 (config) # enable VPDN

! --- Creating a VPDN group configuration mode
R1 (config) # VPDN-group 1

! --- Enables VPDN accept-dialin configuration mode
! --- And allow the router receives a request dial-in.
R1 (config-VPDN) # accept-dialin

! --- Create the PPTP protocol to be used as protocol router.
R1 (config-VPDN-acc-in) # protocol pptp

! --- Defining the Virtual Interface on the router to use vpn client

! --- In this example using the virtual-template interface 1

R1 (config-VPDN-acc-in) # virtual-template 1
R1 (config-VPDN-acc-in) # exit

! --- Create IP pool with the name "TEST" as well as provide an IP range to use vpn client.
R1 (config) # ip local pool 192.168.168.1 192.168.168.20 TEST
! --- Create a virtual-template interface will be used

! --- Virtual-access interfaces are using the ip address of the ip pool "TEST"
! --- And use the authentication protocol (CHAP), PAP, and MS-CHAP.
R1 (config) # interface virtual-template 1
R1 (config-if) # encapsulation ppp
R1 (config-if) # peer default ip address pool test

! --- Virtual-Access interface Interface is used on router R1 is connected to the Internet.
R1 (config-if) # ip unnumbered FastEthernet0 / 0
R1 (config-if) # no keepalive
R1 (config-if) # ppp encrypt auto MPPE
R1 (config-if) # ppp authentication pap chap ms-chap

! --- Create a User Account for user vpn client.

R1 (config) # username password webmedia webmedia1
R1 (config) # username password teknonesia teknonesia1

For the Complete Configuration can be seen by running the command “show run”

R1 # show run
Building configuration ...
Current configuration: 1566 bytes
!
webmedia username password 0 webmedia1
teknonesia username password 0 teknonesia1
ip subnet-zero
ip CEF
!
!
no ip domain lookup
ip domain name teknonesia.com
!
enable VPDN
!
VPDN-group 1
! Default PPTP VPDN group.
accept-dialin
protocol pptp
virtual-template 1
!
interface FastEthernet0 / 0
ip address 202.152.152.1 255 255 255 248
auto duplex
speed auto
!
interface FastEthernet0 / 1
ip address 10.10.10.254 255.255.255.0
auto duplex
speed auto
!
interface Virtual-template1
ip unnumbered FastEthernet0 / 0
peer default ip address pool test
no keepalive
MPPE ppp encrypt auto
ppp authentication pap chap ms-chap
!
ip local pool test 192.168.168.1 192.168.168.20
ip http server
ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 202.152.152.14
!

line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login teknonesia1234
!
!

Now the VPN Server Configuration on the router we’re done, then just do the verification and test the vpn connection from the vpn client computer.

Verify the VPN Configuration for the above can be done by using the command-command below:

show debug

show user

show ip route connected

VPDN show

So a quick explanation from me about the basic configuration of cisco router vpn server is.

Advertisement



You might also like

Cisco Routers and Catalyst settings Through Telnet with Username and Password
Cisco generally provide the network with the ability manageable. By default, the configuration for all...
Securing Access to TELNET ACCESS-LIST.
The use of remote facilities at the time as it is very vulnerable to crime, especially in the networking...
Creating a Cisco Router Being For Frame Relay Switch
Maybe some people do not know if the Cisco Router can be configured to function as a specific Frame Relay...
ADSL Router Configuration On LAN
On the LAN actually there is no need to be configured for normal operations. We can use the existing...