Cisco Systems UBR900 specifications L2TP Configuration

Configuration Examples

crypto ipsec transform-set test-transform ah-md5-hmac esp-des esp-md5-hmac

!

crypto map test-ipsec local-address cable-modem0 crypto map test-ipsec 10 ipsec-isakmp

set peer 30.1.1.1

set transform-set test-transform match address 100

!

interface Ethernet0

ip address 24.1.0.1 255.255.0.0 no ip directed-broadcast

!

interface cable-modem0

ip address 10.1.0.25 255.255.0.0 no ip directed-broadcast

no keepalive

cable-modem downstream saved channel 213000000 30 no cable-modem compliant bridge

crypto map test-ipsec router rip

version 2 network 10.0.0.0 network 24.0.0.0

!

ip classless

no ip http server

!

access-list 100 permit ip host 10.1.0.25 30.1.1.0 0.0.0.255

!

line con 0 exec-timeout 0 0 transport input none

line vty 0 4 login

!

end

L2TP Configuration

Note Encryption/decryption is subject to export licensing controls. To support L2TP and Firewall, the Cisco uBR900 series must be configured in routing mode. Software images running at both the headend and the subscriber end must support the feature set.

Note Careful address assignment on user equipment and policy routing at the headend is required. The headend may or may not use tunnels to convey traffic back to the corporate gateway.

For detailed information on IP security, L2TP, and Firewall, refer to the Security Configuration Guide.

54Cisco IOS Release 12.0(7)T