Filter
Top Products
13-2
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-23590-02
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Cisco Easy VPN
Figure 13-1 Remote Access VPN Using IPSec Tunnel
Cisco Easy VPN
The Cisco Easy VPN client feature eliminates much of the tedious configuration work by implementing
the Cisco Unity Client protocol. This protocol allows most VPN parameters, such as internal IP
addresses, internal subnet masks, DHCP server addresses, WINS server addresses, and split-tunneling
flags, to be defined at a VPN server that is acting as an IPSec server.
An Easy VPN server-enabled device can terminate VPN tunnels initiated by mobile and remote workers
who are running Cisco Easy VPN Remote software on PCs. Easy VPN server-enabled devices allow
remote routers to act as Easy VPN Remote nodes.
The Cisco Easy VPN client feature can be configured in one of two modes—client mode or network
extension mode. Client mode is the default configuration and allows only devices at the client site to
access resources at the central site. Resources at the client site are unavailable to the central site.
Network extension mode allows users at the central site to access network resources on the client site.
After the IPSec server has been configured, a VPN connection can be created with minimal configuration
on an IPSec client, such as a supported Cisco 819 ISR. When the IPSec client initiates the VPN tunnel
connection, the IPSec server pushes the IPSec policies to the IPSec client and creates the corresponding
VPN tunnel connection.
1 Remote, networked users
2 VPN client—Cisco 819 ISRs
3 Router—Providing the corporate office network access
4 VPN server—Easy VPN server
5 Corporate office with a network address of 10.1.1.1
6 IPSec tunnel
2
1
121782
Internet
3
4
5
6