![]() ![]() When preparing for the Easy VPN Server, the first configuration task is to enable AAA on the router. The command is entered in the global configuration mode. NewYork(config)#ip local pool windham-office 10.10.8.1 10.10.8.50 Configure the Group Policy Lookup NewYork#configure terminal NewYork(config)#aaa new-model Use the following commands:Īaa new-model ip local pool pool-name low-address high-addressĮxample 19-1 shows what the configuration would look like on the router at the New York headquarters.Įxample 19-1 Preparing the Router for Easy VPN Server The next step is to configure a local address pool that will be used for assigning addresses to remote users. ![]() The group policy lookup is the method used to authenticate the remote users attempting to gain access. It is possible to use a RADIUS server as well as the local group. The command for this configuration is as follows:Īaa authorization network group-name local Įxample 19-2 shows the command for configuring the group policy lookup for the local group.Įxample 19-2 Configuring the Policy Lookup NewYork#configure terminal The servers will be tried in the order listed. ISAKMP is enabled by default on the Cisco router however, you will need to select the following IKE parameters: NewYork(config)#aaa authorization network windham-vpn-users local group radius Create the ISAKMP Policy for the Remote VPN ClientsĬonfiguring the ISAKMP policy for the VPN users is no different from the configuration required for any other VPN connection. Refer to Table 19-2 for a list of supported options for each category. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |