144
Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
Chapter Configuring Security Features
Configuring VPN
DETAILED STEPS
Command or Action Purpose
Step 1
crypto ipsec client ezvpn name
Example:
Router(config)# crypto ipsec client ezvpn
ezvpnclient
Router(config-crypto-ezvpn)#
Creates a Cisco Easy VPN remote configuration,
and enters Cisco Easy VPN remote configuration
mode.
Step 2
group group-name key group-key
Example:
Router(config-crypto-ezvpn)# group
ezvpnclient key secret-password
Router(config-crypto-ezvpn)#
Specifies the IPSec group and IPSec key value for
the VPN connection.
Step 3
peer {ipaddress | hostname}
Example:
Router(config-crypto-ezvpn)# peer
192.168.100.1
Router(config-crypto-ezvpn)#
Specifies the peer IP address or hostname for the
VPN connection.
Note A hostname can be specified only when
the router has a DNS server available for
hostname resolution.
Note Use this command to configure multiple
peers for use as backup. If one peer goes
down, the Easy VPN tunnel is established
with the second available peer. When the
primary peer comes up again, the tunnel is
reestablished with the primary peer.
Step 4
mode {client | network-extension | network
extension plus}
Example:
Router(config-crypto-ezvpn)# mode client
Router(config-crypto-ezvpn)#
Specifies the VPN mode of operation.
Step 5
exit
Example:
Router(config-crypto-ezvpn)# exit
Router(config)#
Returns to global configuration mode.
Step 6
crypto isakmp keepalive seconds
Example:
Router(config-crypto-ezvpn)# crypto isakmp
keepalive 10
Router(config)#
Enables dead peer detection messages. Time
between messages is given in seconds, with a
range of 10 to 3600.
To Next Page
Loading...
