Configuring Authentication (AAA); VPN Sample Configuration with Network Extension Mode - Enterasys X-Pedition XSR-1850 Getting Started Manual

X-pedition security router

VPN Sample Configuration with Network Extension Mode

XSR(config)#interface vpn 57 multi-point
XSR(config-int-vpn)#ip address 192.168.2.1 255.255.255.0
XSR(config)#router rip
XSR(config-router)#network 112.16.10.0
XSR(config-router)#passive-interface fastethernet 2
XSR(config-router)#no receive-interface fastethernet 2
XSR(config-router)#distribute-list 1 out vpn 1
XSR(config)#ip route 0.0.0.0 0.0.0.0 112.16.244.9
XSR(config)#ip route 112.16.72.0 255.255.255.0 112.16.244.9
XSR(config)#ip route 112.16.76.0 255.255.255.0 112.16.244.7
XSR(config)#ip route 112.16.80.0 255.255.255.0 112.16.244.5

Configuring Authentication (AAA)

Configure an AAA user and DEFAULT AAA group for remote users. When an ANG tunnels into
the XSR, it will be assigned dynamically to the IP pool AUTH. Be aware that groups must be
created before users can be added to them. Remember to create the same users and passwords on
the ANG. The IP address assigned to the AAA user is the remote gateway IP address.
XSR(config)#ip local pool AUTH 192.168.2.0 255.255.255.0
XSR(config)#aaa user 112.16.244.9
XSR(aaa-user)#password dribble
XSR(aaa-user)#group DEFAULT
XSR(aaa-group)#pptp encrypt mppe auto
XSR(aaa-group)#ip pool AUTH
XSR(aaa-group)#policy vpn
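
The following Python check is an added example, not part of the Enterasys manual. It reads a drafted command script in the prompt format printed above, reports a group `ip pool` that no `ip local pool` line defines, and masks the AAA password before the script is stored. The function names, the constructed sample with its deliberate typo, and the rule that every AAA user is an ANG named by its remote gateway IP are assumptions made for the example.

```python
import ipaddress
import re

# Constructed input: this page's AAA commands with one deliberate typo ("AUHT").
SAMPLE = """\
XSR(config)#ip local pool AUTH 192.168.2.0 255.255.255.0
XSR(config)#aaa user 112.16.244.9
XSR(aaa-user)#password dribble
XSR(aaa-user)#group DEFAULT
XSR(aaa-group)#pptp encrypt mppe auto
XSR(aaa-group)#ip pool AUHT
XSR(aaa-group)#policy vpn
"""
PROMPT = re.compile(r"^XSR\(([^)]*)\)#\s*(.*)$")  # (prompt mode, command)


def parse(script):
    """Return [(line_no, mode, words)] for each XSR prompt line."""
    hits = ((n, PROMPT.match(s.strip())) for n, s in enumerate(script.splitlines(), 1))
    return [(n, m.group(1), m.group(2).split()) for n, m in hits if m]


def audit(script):
    """Cross-check group pool references and AAA user names."""
    lines, pools, findings = parse(script), {}, []
    for n, mode, w in lines:  # pass 1: "ip local pool NAME NET MASK"
        if w[:3] == ["ip", "local", "pool"] and len(w) == 6:
            try:
                pools[w[3]] = ipaddress.ip_network(f"{w[4]}/{w[5]}", strict=False)
            except ValueError:
                findings.append((n, f"pool {w[3]} has an invalid network"))
    for n, mode, w in lines:  # pass 2: references and user names
        if mode == "aaa-group" and w[:2] == ["ip", "pool"] and len(w) == 3:
            if w[2] not in pools:
                findings.append((n, f"group pool {w[2]} is not defined"))
        elif w[:2] == ["aaa", "user"] and len(w) == 3:
            try:  # assumption: every user is an ANG named by its gateway IP
                ipaddress.IPv4Address(w[2])
            except ValueError:
                findings.append((n, f"aaa user {w[2]} is not an IPv4 address"))
    return findings


def redact(script):
    """Mask aaa-user passwords so the script can be stored or shared."""
    return re.sub(r"(\(aaa-user\)#\s*password\s+)\S+", r"\1<redacted>", script)
```
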
VPN Sample Configuration with Network Extension Mode
The following sample topology is ideal for testing a VPN NEM tunnel connection on a LAN before
actually configuring a production network. If the configuration works properly, simply change the
FastEthernet settings to the Serial or T1 interface values of your choice.
The XSR below is configured as a VPN concentrator with Internet access allowed and Network
Extension Mode (NEM) tunnels set up. NEM is designed to open up network resources situated
behind the XSR. You configure NEM to provide routing for nodes connected to the trusted port of
the router so that locally and remotely connected devices can discover and communicate with
each other across an IKE/IPSec tunnel.
The XSR's EZ-IPSec functionality is employed to automatically access default ESP transforms and
IPSec proposals. The following script configures the VPN topology shown in Figure 3-6.
