Home > Cisco Systems > Router > Cisco Systems Router 1800 Series User Manual

Cisco Systems Router 1800 Series User Manual

Add to Favourites
    Download as PDF

    Here you can view all the pages of manual Cisco Systems Router 1800 Series User Manual. The Cisco Systems manuals for Router are available online for free. You can easily download all the documents as PDF.

    Overview View all the pages Comments

    Page 81

    Page 81 6-7 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configure the IPSec Crypto Method and Parameters Perform these steps to specify the IPSec transform set and protocols, beginning in global configuration mode: Command or ActionPurpose Step 1crypto ipsec transform-set transform-set-name transform1 [transform2 ] [transform3 ] [ transform4 ] Example: Router(config)# crypto ipsec... 
     
6-7
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel   Configure the IPSec Crypto Method and Parameters
Perform these steps to specify the IPSec transform set and protocols, beginning in global configuration 
mode:
Command or ActionPurpose
Step 1crypto ipsec transform-set  transform-set-name 
transform1  [transform2 ] [transform3 ] 
[ transform4 ]
Example:
Router(config)#  crypto ipsec...

    Page 82

    Page 82 6-8 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Apply the Crypto Map to the Physical Interface Apply the Crypto Map to the Physical Interface The crypto maps must be applied to each interface through which IP Security (IPSec) traffic flows. Applying the crypto map to the physical interface instructs the router to evaluate all the traffic against the security associations database.... 
     
6-8
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Apply the Crypto Map to the Physical Interface
Apply the Crypto Map to the Physical Interface
The crypto maps must be applied to each interface through which IP Security (IPSec) traffic flows. 
Applying the crypto map to the physical interface instructs the router to evaluate all the traffic against 
the security associations database....

    Page 83

    Page 83 6-9 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Create an Easy VPN Remote Configuration Create an Easy VPN Remote Configuration The router acting as the IPSec remote router must create an Easy VPN remote configuration and assign it to the outgoing interface. Perform these steps to create the remote configuration, beginning in global configuration mode: Step 2crypto map map-name... 
     
6-9
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Create an Easy VPN Remote Configuration
Create an Easy VPN Remote Configuration 
The router acting as the IPSec remote router must create an Easy VPN remote configuration and assign 
it to the outgoing interface. 
Perform these steps to create the remote configuration, beginning in global configuration mode:
Step 2crypto map map-name...

    Page 84

    Page 84 6-10 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Verifying Your Easy VPN Configuration Verifying Your Easy VPN Configuration Router# show crypto ipsec client ezvpn Tunnel name :ezvpnclient Inside interface list:vlan 1Outside interface:fastethernet 0 Current State:IPSEC_ACTIVE Last Event:SOCKET_UPAddress:8.0.0.5 Mask:255.255.255.255 Default Domain:cisco.com Configuration Example The... 
     
6-10
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Verifying Your Easy VPN Configuration
Verifying Your Easy VPN Configuration
Router# show crypto ipsec client ezvpn
Tunnel name :ezvpnclient
Inside interface list:vlan 1Outside interface:fastethernet 0
Current State:IPSEC_ACTIVE
Last Event:SOCKET_UPAddress:8.0.0.5
Mask:255.255.255.255
Default Domain:cisco.com
Configuration Example
The...

    Page 85

    Page 85 6-11 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configuration Example !crypto isakmp policy 1 encryption 3des authentication pre-sharegroup 2 lifetime 480 !crypto isakmp client configuration group rtr-remote key secret-password dns 10.50.10.1 10.60.10.1domain company.com pool dynpool !crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac ! crypto ipsec security-association lifetime... 
     
6-11
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Configuration Example
!crypto isakmp policy 1
encryption 3des
authentication pre-sharegroup 2
lifetime 480
!crypto isakmp client configuration group rtr-remote
key secret-password
dns 10.50.10.1 10.60.10.1domain company.com
pool dynpool
!crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
!
crypto ipsec security-association lifetime...

    Page 86

    Page 86 6-12 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Configuration Example 
     
6-12
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 6      Configuring a VPN Using Easy VPN and an IPSec Tunnel
  Configuration Example

    Page 87

    Page 87 CH A P T E R 7-1 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation The Cisco 1800 series integrated services fixed-configuration routers support the creation of virtual private networks (VPNs). Cisco routers and other broadband devices provide high-performance connections to the Internet, but many applications also require the security of VPN connections which perform a high... 
    CH A P T E R
 
7-1
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
7
Configuring VPNs Using an IPSec Tunnel and 
Generic Routing Encapsulation
The Cisco 1800 series integrated services fixed-configuration routers support the creation of virtual 
private networks (VPNs). 
Cisco routers and other broadband devices provide high-performance connections to the Internet, but 
many applications also require  the security of VPN connections which perform a high...

    Page 88

    Page 88 7-2 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation GRE Tunnels GRE tunnels are typically used to establish a VPN between the Cisco router and a remote device that controls access to a private network, such as a corporate network. Traffic forwarded through the GRE tunnel is encapsulated and routed out onto the physical interface of the router. When a GRE interface... 
     
7-2
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 7      Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation
  
GRE Tunnels
GRE tunnels are typically used to establish a VPN between the Cisco router and a remote device that 
controls access to a private network, such as a corporate network. Traffic forwarded through the GRE 
tunnel is encapsulated and routed out onto the physical interface of the router. When a GRE interface...

    Page 89

    Page 89 7-3 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation Configure a VPN Configure a VPN Perform the following tasks to configure a VPN over an IPSec tunnel: Configure the IKE Policy Configure Group Policy Information Enable Policy Lookup Configure IPSec Transforms and Protocols Configure the IPSec Crypto Method and Parameters Apply the Crypto Map to the... 
     
7-3
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 7      Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation
  Configure a VPN
Configure a VPN
Perform the following tasks to configure a VPN over an IPSec tunnel:
 Configure the IKE Policy
 Configure Group Policy Information
 Enable Policy Lookup
 Configure IPSec Transforms and Protocols
 Configure the IPSec Crypto Method and Parameters
 Apply the Crypto Map to the...

    Page 90

    Page 90 7-4 Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide OL-6426-02 Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation Configure a VPN Configure Group Policy Information Perform these steps to configure the group policy, beginning in global configuration mode: Step 5group {1 | 2 | 5} Example: Router(config-isakmp)# group 2Router(config-isakmp)# Specifies the Diffie-Hellman group to be used in the IKE policy. Step 6lifetime seconds... 
     
7-4
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 7      Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation
  Configure a VPN
Configure Group Policy Information
Perform these steps to configure the group policy, beginning in global configuration mode:
Step 5group {1 | 2 | 5}
Example:
Router(config-isakmp)# group 2Router(config-isakmp)# 
Specifies the Diffie-Hellman group to be used in 
the IKE policy.
Step 6lifetime seconds...
    Start reading Cisco Systems Router 1800 Series User Manual
    All Cisco Systems manuals