Chapter 6
Configuring a VPN Using Easy VPN and an IPSec Tunnel
The Cisco Easy VPN client feature supports configuration of only one destination peer. If your
Note
application requires creation of multiple VPN tunnels, you must manually configure the IPSec VPN and
Network Address Translation/Peer Address Translation (NAT/PAT) parameters on both the client and the
server.
Configuration Tasks
Perform the following tasks to configure your router for this network scenario:
Configure the IKE Policy
•
Configure Group Policy Information
•
Apply Mode Configuration to the Crypto Map
•
Enable Policy Lookup
•
•
Configure IPSec Transforms and Protocols
•
Configure the IPSec Crypto Method and Parameters
•
Apply the Crypto Map to the Physical Interface
Create an Easy VPN Remote Configuration
•
An example showing the results of these configuration tasks is provided in the
section on page
The procedures in this chapter assume that you have already configured basic router features as well as
Note
PPPoE or PPPoA with NAT, DCHP and VLANs. If you have not performed these configurations tasks,
see
Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT,"
Chapter 4, "Configuring PPP over ATM with NAT,"
and VLANs"
The examples shown in this chapter refer only to the endpoint configuration on the Cisco 870 series
Note
router. Any VPN connection requires both endpoints be configured properly to function. See the
software configuration documentation as needed to configure VPN for other router models.
OL-5332-01
6-11.
as appropriate for your router.
Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide
"Configuration Example"
and
Chapter 5, "Configuring a LAN with DHCP
6-3