Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VPN termination on cisco 837 router?

Status
Not open for further replies.

dublin101

Technical User
May 26, 2006
49
AU
Hi guys..

did ccna but a big pity we didn't have vpn's in our curriculum.

i have a cisco 837 router with IOS 12.2 on it. I need to know if i can terminate vpn connections on this, so that this is the server also.

if so, can anybody help with a sample config or something alike. thanks
 
Yes, it can. I do with mine---I will post the config later today. If you have SDM, it works really well. In fact, you can get SDM from my FTP server if you want---it's the SDM-V23.zip...
ftp://69.150.180.107/
Do me a favor---if you get anything else more than like 40MB, email me at burt_bees@yahoo.com to let me know, or at least get it between 11PM and 7AM central standard time...SDM is only 12MB, so get it any time you want.

Burt

 
thanks for that. i have the sdm and when i click on the easyvpn icon, it says that the version of my IOS does not support this feature..

i have 12.2 ios.

does that mean i need to upgrade to 12.3? if so, where can i get it?

i'd like to see your config to if possible. thanks
 
ftp://69.151.14.197
Under IOS files.rar
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname xxxxxx
!
boot-start-marker
boot-end-marker
!
memory-size iomem 5
security authentication failure rate 2 log
enable secret xxxxxx
enable password xxxxxx
!
username xxxxxxxx privilege 15 password xxxxxxxxxxxxx
clock timezone CET 1
clock summer-time CST recurring last Sun Mar 2:00 last Sun Oct 3:00
clock save interval 8
aaa new-model
!
!
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization network sdm_vpn_group_ml_1 local
aaa session-id common
ip subnet-zero
no ip source-route
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x x.x.x.x
ip dhcp excluded-address x.x.x.x x.x.x.x
!
ip dhcp pool xxxxxxxxxx
network x.x.x.x y.y.y.y
default-router x.x.x.x
dns-server x.x.x.x x.x.x.x
lease x
!
!
no ip domain lookup
ip domain name local
ip name-server x.x.x.x
ip name-server x.x.x.x
no ip bootp server
ip ftp username xxxxxxxxxxxx
ip ftp password xxxxxxxxxxxxxxxx
ip cef
ip audit notify log
ip audit po max-events 100
ip ssh break-string
no ftp-server write-enable
ftp-server topdir flash:/
no scripting tcl init
no scripting tcl encdir
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp xauth timeout 15

!
crypto isakmp client configuration group xxxxxx
key xxxxxxxxxxxxx
dns x.x.x.x x.x.x.x
pool SDM_POOL_1
max-users 2
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
!
interface Ethernet0
ip address x.x.x.x y.y.y.y
ip nat inside
hold-queue 100 out
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 0/35
oam-pvc manage
pppoe-client dial-pool-number 1
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Virtual-Template1
no ip address
!
interface Dialer0
no ip address
!
interface Dialer1
description Connected to ADSL Circuit
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname xxxxxxxxxxxxxxxxxxxxxxxxxx
ppp chap password xxxxxxxxxxxxxxx
ppp pap sent-username xxxxxxxxxxxxxxxxx password xxxxxxxxxxxxxxxxxxxx
ppp ipcp dns request
ppp ipcp wins request
crypto map SDM_CMAP_1
hold-queue 224 in
!
ip local pool SDM_POOL_1 x.x.x.x y.y.y.y
ip nat inside source route-map SDM_RMAP_1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
!
!
access-list 102 remark SDM_ACL Category=16
access-list 102 deny ip any x.x.x.x y.y.y.y
access-list 102 permit ip x.x.x.x y.y.y.y any
dialer-list 1 protocol ip permit
route-map SDM_RMAP_1 permit 1
match ip address 102
!
!
control-plane
!
banner motd ^
_________-----_____
_____------ __ ----_
___---- ___------ \
----________ ---- \
-----__ | _____)
__- / \
_______----- ___-- \ /)\
------_______ ---____ \__/ /
-----__ \ -- _ /\
--__--__ \_____/ \_/\
----| / |
| |___________|
| | ((_(_)| )_)
| \_((_(_)|/(_)
\ (
\_____________)

!!!!!Oh, no---not you again...!!!!!!^
line con 0
exec-ti
!
line con 0
logging synchronous
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output telnet
stopbits 1
line vty 0 4
session-timeout 15 output
exec-timeout 300 0
password xxxxxxxxxxxxxxxxxxxxxxxx
transport preferred all
transport input all
transport output all
!
no scheduler max-task-time
scheduler interval 500
!
end

Burt
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top