Chapter 9 Configuring Security Features
Configuring VPN
After the IPSec server has been configured, a VPN connection can be created with minimal configuration on an IPSec client, such as a supported Cisco 819 ISR. When the IPSec client initiates the VPN tunnel connection, the IPSec server pushes the IPSec policies to the IPSec client and creates the corresponding VPN tunnel connection.
Note The Cisco Easy VPN client feature supports configuration of only one destination peer. If your application requires the creation of multiple VPN tunnels, you must manually configure the IPSec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on both the client and the server.
Cisco 819 ISRs can be also configured to act as Cisco Easy VPN servers, letting authorized
Cisco Easy VPN clients establish dynamic VPN tunnels to the connected network. For information on the configuration of Cisco Easy VPN servers, see the Easy VPN Server feature document.
Site-to-Site VPN
The configuration of a
Figure 9-2 Site-to-Site VPN Using an IPSec Tunnel and GRE
8
| 3 |
| 6 |
2 | 4 | 5 | 7 |
Internet
1
9
121783
1 | Branch office containing multiple LANs and VLANs |
|
|
2 | Fast Ethernet LAN |
|
|
3 | VPN |
|
|
4 | Fast Ethernet |
|
|
5 | LAN |
|
|
6 | VPN |
|
|
7 | LAN |
|
|
8 | Corporate office network |
|
|
9 | IPSec tunnel with GRE |
|
|
For more information about IPSec and GRE configuration, see Secure Connectivity Configuration Guide
Library, Cisco IOS Release 12.4T.
Cisco 819 Series Integrated Services Routers Software Configuration Guide
|
| |
|
