9-79
Cisco Router and Security Device Manager Version 2.2 Users Guide
OL-4015-08
Chapter9 Easy VPN Remote
Create Easy VPN Remote
Choose Network Extension if you want the devices connected to the inside
interfaces to have IP addresses that are routable and reachable by the destination
network. The devices at both ends of the connection will form one logical
network. PAT will be automatically disabled, allowing the PCs and hosts at both
ends of the connection to have direct access to one another.
Consult with the administrator of the Easy VPN server or concentrator before
choosing this setting.
If you choose Network Extension, you can enable remote management of the
router by checking the box to request a server-assigned IP address for your router.
This IP address can be used for connecting to your router for remote management
and troubleshooting (ping, Telnet, and Secure Shell). This mode is known as
Network Extension Plus.
Note If the router is not running a Cisco IOS image that suppor ts Easy VPN Remote
Phase IV or later, you will not be able to set Network Extension Plus.
Authentication
Use this window to specify security for the Easy VPN Remote tunnel.
Device Authentication
Choose Digital Certificates or Preshared Key.
Note The Digital Certificates option is available only if supported by the Cisco IOS
image on your router.
To use a preshared key, enter the IPSec group name. The group name must match
the group name defined on the VPN concentrator or server. Obtain this
information from your network administrator.
Enter the IPSec group key. The group key must match the group key defined on
the VPN concentrator or server. Obtain this information from your network
administrator. Reenter the key to confirm its accuracy.