Solved

VPN with Cisco and Linux

Posted on 2003-12-01
Last Modified: 2010-03-19
Here is my situation and setup:

Internet --------Router A----------(E0)Router B(E1)----------LAN

Router A belongs to my ISP and they have assigned my E0 interface on Router B (Cisco 2514) a private (10.0.0.155) IP address. The E1 interface goes to my LAN. The default gateway for Router B is set to the interface on Router A (10.0.0.1).
I have a public IP and it is on some interface over at Router A, and then anything destined for my public IP gets sent to my Router B E0 interface.

I did NAT so my users can get to the net and I set up port forwarding so my www server will work.

I need to set up a VPN solution here using a Linux box or with the Cisco IOS. I will copy and paste my sh version of the router when I get it, but for now, all I know is that when I look for any VPN commands the only thing I see is VPDN. I don't know if that will work. Also, I don't think I have the IPsec or DES feature pack. I'll copy and paste as soon as I can.

Also, if I use a Linux solution, does my router need to support IPsec or any encryption?



 
Question by:rankin195

Author Comment

by:rankin195
ID: 9864190
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-C-L), Version 12.0(4), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-1999 by cisco Systems, Inc.
Compiled Wed 14-Apr-99 21:53 by ccai
Image text-base: 0x0302CBAC, data-base: 0x00001000

ROM: System Bootstrap, Version 5.2(8a), RELEASE SOFTWARE
BOOTFLASH: 3000 Bootstrap Software (IGS-RXBOOT), Version 10.2(8a), RELEASE SOFTWARE (fc1)

pck2514 uptime is 13 days, 23 hours, 59 minutes
System restarted by reload
System image file is "flash:/c2500-c-l.120-4.bin"

cisco 2500 (68030) processor (revision D) with 16384K/2048K bytes of memory.
Processor board ID 04151312, with hardware revision 00000000
Bridging software.
SuperLAT software copyright 1990 by Meridian Technology Corp).
X.25 software, Version 3.0.0.
TN3270 Emulation software.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
 16384K bytes of processor board System flash (Read ONLY)

Configuration register is 0x2102
0
 
LVL 2

Expert Comment

by:skyfreedomdotnet
ID: 9882632
OK, the bad news first. The Cisco 2514 router is no longer supported by Cisco and it does not offer any VPN services.
Now the good news. Setting up a VPN server on Linux will work. Now this is as long as your ISP allows IPSEC traffic through their router; you should ask and demand.
Another thing you could do is buy a concentrator, like a Cisco 3005 (http://www.cdw.com/shop/products/default.aspx?EDC=222396) or a Linksys (http://www.linksys.com/products/product.asp?grid=34&scid=29&prid=589).
The concentrator would be my number one choice; it's easy and standalone.
Let me know if this helps, and if you have any questions, post them.
0
 

Author Comment

by:rankin195
ID: 9885835
OK, I think I am going to go the Linux way with IPSEC since it is cheaper.

What would I have to do with my router since I am doing NAT and PAT?

Does my router need IPSEC? 'Cause I don't believe it does.

0
 
LVL 2

Accepted Solution

by:
skyfreedomdotnet earned 100 total points
ID: 9886058
No, your router does not need to support IPSEC. It will only be a passthrough.
Do this:

On your router, NAT your Linux box's private IP to the outside. Do you have a firewall? If so, allow only ports 500 (ISAKMP) tcp, 50 (ESP) tcp IN.
0
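
A check for the firewall step, added here as an example and not part of the original thread: IKE (ISAKMP) runs over UDP port 500 and ESP is IP protocol number 50 rather than a TCP port, so rules written as TCP ports let neither through. The function name `audit_ipsec_rules` and both rule sets are constructed for illustration, and the UDP 4500 (NAT-T) check goes beyond what the thread mentions; it matters here because the Linux box sits behind NAT.

```shell
#!/bin/sh
# Added example: audit iptables-save output (stdin) for the flows an IPsec
# gateway behind NAT must accept. Exit status 0 only if IKE and ESP are allowed.
audit_ipsec_rules() {
    awk '
    $1 != "-A" || $0 !~ /-j ACCEPT/ { next }   # only ACCEPT rules, any chain
    {
        proto = ""; dport = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
        }
        if (proto == "udp" && dport == "500")  ike = 1
        if (proto == "udp" && dport == "4500") natt = 1
        if (proto == "esp" || proto == "50")   esp = 1
        if (proto == "tcp" && (dport == "500" || dport == "50")) {
            printf "WARN tcp/%s is open but carries no IPsec traffic\n", dport
        }
    }
    END {
        printf "%s udp/500 (IKE/ISAKMP)\n", (ike ? "OK" : "MISSING")
        printf "%s ip protocol 50 (ESP)\n", (esp ? "OK" : "MISSING")
        printf "%s udp/4500 (NAT-T)\n", (natt ? "OK" : "MISSING")
        exit !(ike && esp)
    }'
}

# Constructed sample: 500 and 50 opened as TCP ports.
RULES_TCP_ONLY='-A INPUT -p tcp -m tcp --dport 500 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 50 -j ACCEPT'
# Constructed sample: IKE on UDP 500, ESP as IP protocol 50, NAT-T on UDP 4500.
RULES_IPSEC='-A INPUT -p udp -m udp --dport 500 -j ACCEPT
-A INPUT -p esp -j ACCEPT
-A INPUT -p udp -m udp --dport 4500 -j ACCEPT'

printf '%s\n' "$RULES_TCP_ONLY" | audit_ipsec_rules || echo "=> IPsec would be blocked"
printf '%s\n' "$RULES_IPSEC" | audit_ipsec_rules && echo "=> IPsec can pass"
```

On a live gateway the same function can be fed with `iptables-save | audit_ipsec_rules`; it matches single-port rules only, not port ranges or multiport lists.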
 

Author Comment

by:rankin195
ID: 9887025
thank you
0
