ok i am going to expalin at first how we cretae vpn on cisco router first then it will be easy for understand to you

on l3 switches and l2 switches ok let start VPN=that is virtual private network it is set on the workstaion or workdoamin such that any autrized person can acess his network from out side network this vpn can be configured by two process 1 pptp that is point to point tunlinh protoccol Microsoft Point-to-Point Encryption Protocol (MPPE). network diagram pc-----internet-----router--------workstaions pc=with pptp internet ip=172.16.142.191 routere ethernet=10.130.13.13 now start 2621#configure termina #vpdn enable #vpdn-group 1 2621(config-vpdn)#accept-dialin 2621(config-vpdn-acc-in)#protocol pptp 2621(config-vpdn-acc-in)#virtual-template 1 2621(config-vpdn-acc-in)#exit 2621(config)#ip local pool test 192.168.1.1 192.168.1.250 2621(config)#interface virtual-template 1 2621(config-if)#encapsulation ppp 2621(config-if)#peer default ip address pool test 2621(config-if)#ip unnumbered FastEthernet0/0 2621(config-if)#no keepalive 2621(config-if)#ppp encrypt mppe auto 2621(config-if)#ppp authentication pap chap ms-chap

Cisco 2621 Router 2621#show run Building configuration... Current configuration : 1566 bytes ! version 12.2 service timestamps debug datetime msec localtime service timestamps log datetime msec localtime no service password-encryption !

Enable VDPN.hostname 2621 ! boot system flash logging queue-limit 100 enable secret 5 $1$dGFC$VA28yOWzxlCKyj1dq8SkE/ ! ip subnet-zero ip cef ! ! no ip domain lookup ip domain name cisco.com ! vpdn enable !--.Default PPTP VPDN group. accept-dialin protocol pptp virtual-template 1 ! ! ! ! ! ! ! ! ! ! voice call carrier capacity active ! ! ! ! ! ! ! no voice hpi capture buffer no voice hpi capture destination ! ! mta receive maximum-recipients 0 ! ! controller T1 0/0 framing sf linecode ami ! controller T1 0/1 framing sf linecode ami ! ! ! interface Loopback0 . ! vpdn-group 1 !--.

255.13.0. ip local pool test 192.142.0 duplex auto speed auto ! !--.0.100. PAP.1.100.1 255.Create IP pool named test and specify IP range.0 no ip route-cache no ip mroute-cache duplex auto speed auto ! interface FastEthernet0/1 ip address 10.255.0.16.13 255.168.168.255.ip address 10.0 0.255.255.0.0 172.0.1 ! ip pim bidir-enable ! ! ! call rsvp-sync ! ! mgcp profile default ! dial-peer cor custom ! ! ! ! ! line con 0 exec-timeout 0 0 line aux 0 line vty 0 4 password ************* login ! ! end .0 ip nat inside ! interface FastEthernet0/0 ip address 172.Create virtual-template interface used for cloning !--.virtual-access interfaces with the use of address pool test !--.16.1.1 192.250 no ip http server no ip http secure-server ip classless ip route 0.with CHAP authentication.191 255. and MS-CHAP.130. interface Virtual-Template1 ip unnumbered FastEthernet0/0 peer default ip address pool test no keepalive ppp encrypt mppe auto ppp authentication pap chap ms-chap ! !--.142.

this is the confrgation expalnation of each steps i will give letter this is my confrgation so some output is omited .

Sign up to vote on this title
UsefulNot useful