Remote Access Vpn Configuration

CONFIGURATION

1. Remote User COMMUNICTE PAKISTAN LAN PUBLIC IP : 202.56.215.2 BUT NOT COMMUNICATION ON LAN NETWORK IP : 192.168.100.1

2. Remote User PING LAN FTP SERVER BUT THY DO NOT PING SERVER.

3. WHEN YOU CONNECTED VPN AND THEN AGAIN PING LAN FTP SERVER .

___________

________

FIRST REMOTE USER COMMUNICATE ON LAN PUB IP BUT DO NOT COMMUNICATE ON LAN IP.

ALL INTERFECES LINKED UP AND PERFORM ROUTING.

GO TO Company-Router CONFIGURATION MODE.

Router(config) hostname Company-Router

CREAT A LOCAL AUTHENTICATION FOR VPN

Company-Router(config)# aaa new-model

Company-Router(config)# aaa authentication login WAHAB local

Company-Router(config)# aaa authorization network HANAN local

Company-Router(config)# username Manan password Taimoor

CREAT A ISAKMP POLICY FOR VPN

THIS POLICY DEFINES THE ENCRYPTION AND AUTHENTICATION ALGORITHMS THAT WILL BE USED TO PROTECT THE TRAFFIC THAT FLOWS THROUGH THE VPN TUNNEL.

Company-Router(config)# crypto isakmp policy 10

3DES: TRIPLE DATA ENCRYPTION STANDARD.

THIS IS A SYMMETRIC ENCRYPTION ALGORITHM THAT USES THREE KEYS TO ENCRYPT DATA.

Company-Router(config-isakmp)# encryption 3des

Company-Router(config-isakmp)# hash md5

Company-Router(config-isakmp)# authentication pre-share

Company-Router(config-isakmp)# group 2

Company-Router(config-isakmp)# exit

CREAT A VPN GROUP AND KEY AND APPLIED IP ADDRESS

Company-Router(config)# ip local pool VPNPOOL 200.200.200.1 200.200.200.100

Company-Router(config)# crypto isakmp client configuration group cisco

Company-Router(config-isakmp-group) # key cisco123

Company-Router(config-isakmp-group)# pool VPNPOOL

Company-Router(config-isakmp-group)# exit

CREAT A IPSEC TUNNEL USED TO ENCRYPTED DATA

THIS TRANSFORM SET SPECIFIES THE SPECIFIC ENCRYPTION AND AUTHENTICATION ALGORITHMS THAT WILL BE USED FOR A PARTICULAR TRAFFIC FLOW.

Company-Router(config)# crypto ipsec transform-set set1 esp-3des esp-md5-hmac

CREAT A MAP FOR VPN

THIS CRYPTO MAP ASSOCIATES AN IPSEC POLICY AND TRANSFORM SET WITH A SPECIFIC INTERFACE.

Company-Router(config)# crypto dynamic-map map1 10

Company-Router(config-crypto-map)# set transform-set set1

Company-Router(config-crypto-map)# reverse-route

Company-Router(config-crypto-map)# exit

APPLIED AUTHENTICATION AND AUTHORIZATION FOR VPN

Company-Router(config)# crypto map map1 client configuration address respond

Company-Router(config)# crypto map map1 client authentication list WAHAB

Company-Router(config)# crypto map map1 isakmp authorization list HANAN

Company-Router(config)# crypto map map1 10 ipsec-isakmp dynamic map1

VPN CONFIGURATION APPLIED ON INTERFACE

THIS WILL ENABLE IPSEC ON THE INTERFACE AND ALLOW TRAFFIC TO FLOW THROUGH THE VPN TUNNEL.

Company-Router(config)# interface FastEthernet0/0

Company-Router(config)# crypto map map1

VPN CONFIGURATION IS DONE GO TO REMOTE USER AND CONNECT VPN AND COMUNICATION CAN BE DONE.

___________

Learning Networking

Search This Blog

Remote Access Vpn Configuration

CONFIGURATION

Comments

Post a Comment

Popular posts from this blog

About Me Information

DOS AND DDOS ATTACK

CSST COURSE 1.0