VPN termination on cisco 837 router?

[dublin101]

Hi guys..

did ccna but a big pity we didn't have vpn's in our curriculum.

i have a cisco 837 router with IOS 12.2 on it. I need to know if i can terminate vpn connections on this, so that this is the server also.

if so, can anybody help with a sample config or something alike. thanks

 

[burtsbees]

Yes, it can. I do with mine---I will post the config later today. If you have SDM, it works really well. In fact, you can get SDM from my FTP server if you want---it's the SDM-V23.zip...
ftp://69.150.180.107/
Do me a favor---if you get anything else more than like 40MB, email me at burt_bees@yahoo.com to let me know, or at least get it between 11PM and 7AM central standard time...SDM is only 12MB, so get it any time you want.

Burt

 

[dublin101]

thanks for that. i have the sdm and when i click on the easyvpn icon, it says that the version of my IOS does not support this feature..

i have 12.2 ios.

does that mean i need to upgrade to 12.3? if so, where can i get it?

i'd like to see your config to if possible. thanks

 

[burtsbees]

ftp://69.151.14.197
Under IOS files.rar
!
version 12.3
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec localtime show-timezone
no service password-encryption
service sequence-numbers
!
hostname xxxxxx
!
boot-start-marker
boot-end-marker
!
memory-size iomem 5
security authentication failure rate 2 log
enable secret xxxxxx
enable password xxxxxx
!
username xxxxxxxx privilege 15 password xxxxxxxxxxxxx
clock timezone CET 1
clock summer-time CST recurring last Sun Mar 2:00 last Sun Oct 3:00
clock save interval 8
aaa new-model
!
!
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization network sdm_vpn_group_ml_1 local
aaa session-id common
ip subnet-zero
no ip source-route
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x
ip dhcp excluded-address x.x.x.x x.x.x.x
ip dhcp excluded-address x.x.x.x x.x.x.x
!
ip dhcp pool xxxxxxxxxx
network x.x.x.x y.y.y.y
default-router x.x.x.x
dns-server x.x.x.x x.x.x.x
lease x
!
!
no ip domain lookup
ip domain name local
ip name-server x.x.x.x
ip name-server x.x.x.x
no ip bootp server
ip ftp username xxxxxxxxxxxx
ip ftp password xxxxxxxxxxxxxxxx
ip cef
ip audit notify log
ip audit po max-events 100
ip ssh break-string
no ftp-server write-enable
ftp-server topdir flash:/
no scripting tcl init
no scripting tcl encdir
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp xauth timeout 15

!
crypto isakmp client configuration group xxxxxx
key xxxxxxxxxxxxx
dns x.x.x.x x.x.x.x
pool SDM_POOL_1
max-users 2
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
set transform-set ESP-3DES-SHA
reverse-route
!
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
!
interface Ethernet0
ip address x.x.x.x y.y.y.y
ip nat inside
hold-queue 100 out
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
no ip redirects
no ip unreachables
no ip proxy-arp
pvc 0/35
oam-pvc manage
pppoe-client dial-pool-number 1
!
!
interface FastEthernet1
no ip address
duplex auto
speed auto
!
interface FastEthernet2
no ip address
duplex auto
speed auto
!
interface FastEthernet3
no ip address
duplex auto
speed auto
!
interface FastEthernet4
no ip address
duplex auto
speed auto
!
interface Virtual-Template1
no ip address
!
interface Dialer0
no ip address
!
interface Dialer1
description Connected to ADSL Circuit
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
encapsulation ppp
ip route-cache flow
ip tcp adjust-mss 1452
dialer pool 1
dialer-group 1
ppp authentication pap chap callin
ppp chap hostname xxxxxxxxxxxxxxxxxxxxxxxxxx
ppp chap password xxxxxxxxxxxxxxx
ppp pap sent-username xxxxxxxxxxxxxxxxx password xxxxxxxxxxxxxxxxxxxx
ppp ipcp dns request
ppp ipcp wins request
crypto map SDM_CMAP_1
hold-queue 224 in
!
ip local pool SDM_POOL_1 x.x.x.x y.y.y.y
ip nat inside source route-map SDM_RMAP_1 interface Dialer1 overload
ip classless
ip route 0.0.0.0 0.0.0.0 Dialer1
ip http server
ip http authentication local
ip http secure-server
!
!
access-list 102 remark SDM_ACL Category=16
access-list 102 deny ip any x.x.x.x y.y.y.y
access-list 102 permit ip x.x.x.x y.y.y.y any
dialer-list 1 protocol ip permit
route-map SDM_RMAP_1 permit 1
match ip address 102
!
!
control-plane
!
banner motd ^
_________-----_____
_____------ __ ----_
___---- ___------ \
----________ ---- \
-----__ | _____)
__- / \
_______----- ___-- \ /)\
------_______ ---____ \__/ /
-----__ \ -- _ /\
--__--__ \_____/ \_/\
----| / |
| |___________|
| | ((_(_)| )_)
| \_((_(_)|/(_)
\ (
\_____________)

!!!!!Oh, no---not you again...!!!!!!^
line con 0
exec-ti
!
line con 0
logging synchronous
no modem enable
transport preferred all
transport output all
line aux 0
transport preferred all
transport output telnet
stopbits 1
line vty 0 4
session-timeout 15 output
exec-timeout 300 0
password xxxxxxxxxxxxxxxxxxxxxxxx
transport preferred all
transport input all
transport output all
!
no scheduler max-task-time
scheduler interval 500
!
end

Burt