Filter
Top Products
13-3
Cisco 819 Integrated Services Routers Software Configuration Guide
OL-23590-02
Chapter 13 Configuring a VPN Using Easy VPN and an IPSec Tunnel
Configuration Tasks
Note The Cisco Easy VPN client feature supports configuration of only one destination peer. If your
application requires the creation of multiple VPN tunnels, you must manually configure the IPSec VPN
and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on both the client
and the server.
Configuration Tasks
Perform the following tasks to configure your router for this network scenario:
• Configure the IKE Policy, page 13-3
• Configure Group Policy Information, page 13-5
• Apply Mode Configuration to the Crypto Map, page 13-6
• Enable Policy Lookup, page 13-7
• Configure IPSec Transforms and Protocols, page 13-8
• Configure the IPSec Crypto Method and Parameters, page 13-8
• Apply the Crypto Map to the Physical Interface, page 13-10
• Create an Easy VPN Remote Configuration, page 13-10
An example showing the results of these configuration tasks is provided in the “Configuration Example”
section on page 13-12.
Note The procedures in this chapter assume that you have already configured basic router features, as well as
PPPoE or PPPoA with NAT, DCHP and VLANs. If you have not performed these configurations tasks,
see “Basic Router Configuration” section on page 5-1.
Note The examples shown in this chapter refer only to the endpoint configuration on the Cisco 819 router. Any
VPN connection requires both endpoints be configured properly to function. See the software
configuration documentation as needed to configure VPN for other router models.
Configure the IKE Policy
Perform these steps to configure the Internet Key Exchange (IKE) policy, beginning in global
configuration mode:
SUMMARY STEPS
1. crypto isakmp policy priority
2. encryption {des | 3des | aes | aes 192 | aes 256}
3. hash {md5 | sha}
4. authentication {rsa-sig | rsa-encr | pre-share}
5. group {1 | 2 | 5}