Table of Contents
Advertisement
Configuration Examples
Clear the DF bit globally:
XSR(config)#crypto ipsec df-bit clear
Enable the OSPF engine, VPN and FastEthernet 1 interfaces for routing:
XSR(config)#router ospf 1
XSR(config-router)#network 10.120.70.0 0.0.0.255 area 5.5.5.5
XSR(config-router)#network 10.120.112.0 0.0.0.255 area 5.5.5.5
Create a group for NEM and Client mode users:
XSR(config)#aaa group sohoclient
XSR(aaa-group)#dns server primary 10.120.112.220
XSR(aaa-group)#dns server secondary 0.0.0.0
XSR(aaa-group)#wins server primary 10.120.112.220
XSR(aaa-group)#wins server secondary 0.0.0.0
XSR(aaa-group)#ip pool test
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#policy vpn
Define a group for remote access XP users including DNS and WINs servers, an IP pool, PPTP and
L2TP values, and client VPN permission:
XSR(config)#aaa group XPusers
XSR(aaa-group)#dns server primary 10.120.112.220
XSR(aaa-group)#dns server secondary 0.0.0.0
XSR(aaa-group)#wins server primary 10.120.112.220
XSR(aaa-group)#wins server secondary 0.0.0.0
XSR(aaa-group)#ip pool test
XSR(aaa-group)#pptp encrypt mppe 128
XSR(aaa-group)#policy vpn
Configure the RADIUS AAA method to authenticate remote access users:
XSR(config)#aaa method radius msradius default
XSR(aaa-method-radius)#backup test
XSR(aaa-method-radius)#enable
XSR(aaa-method-radius)#group DEFAULT
XSR(aaa-method-radius)#address ip-address 10.120.112.179
XSR(aaa-method-radius)#key welcome
XSR(aaa-method-radius)#auth-port 1812
XSR(aaa-method-radius)#acct-port 1646
XSR(aaa-method-radius)#attempts 1
XSR(aaa-method-radius)#retransmit 1
XSR(aaa-method-radius)#timeout 5
XSR(aaa-method-radius)#qtimeout 0
Set branch office EZ-IPSec on the PPPoE, FastEthernet sub-interface 2.2, using certificates:
XSR(config)#interface FastEthernet 1
XSR(config-if<F1>)#ip address 172.16.1.1 255.255.255.0
XSR(config-if<F1>)#no shutdown
XSR(config)#interface FastEthernet 2
XSR(config-if<F2>)#no shutdown
XSR(config)#interface fastethernet 2.2
XSR(config-if)#crypto ezipsec
XSR User's Guide 14-39
Advertisement
Table of Contents
Troubleshooting
