how to set up vpn on cisco router

I have a cisco 1720 router, and I would like to set up vpn on it.  Just to let you know I do not want site to site, just something so I can use the cisco vpn client software to connect to my home network.  I also am connected to a cable modem so I have a dynamic wan ip not a static ip.  What do I do?
merctkeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

cedarghostCommented:
Your config would look something like this:
!
logging buffered 4096 debugging
aaa new-model
!
!
aaa authorization network vpn-clientgroup local
aaa session-id common
!
<SNIP>
!
ip subnet-zero
!
!
no ip domain-lookup
!
ip audit notify log
ip audit po max-events 100
ip ssh time-out 120
ip ssh authentication-retries 3
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration address-pool local dynpool
!
crypto isakmp client configuration group vpn-clientgroup
key *REMOVED*
pool dynpool
acl 111
!
!
crypto ipsec transform-set transform-1 esp-3des esp-sha-hmac
!
crypto dynamic-map dynmap 1
set transform-set transform-1
!
!
crypto map dynmap isakmp authorization list vpn-clientgroup
crypto map dynmap client configuration address respond
crypto map dynmap 1 ipsec-isakmp dynamic dynmap
!
!
!
!
interface Loopback0
description Management Loopback address
ip address *REMOVED*
!
interface Ethernet0
ip address *PUBLIC ADDRESS REMOVED*
half-duplex
crypto map dynmap
!
interface FastEthernet0
ip address *PRIVATE ADDRESS REMOVED*
speed 100
!
ip local pool dynpool *ADDRESS RANGE REMOVED*
ip default-gateway *PUBLIC ADDRESS REMOVED*
ip classless
ip route 0.0.0.0 0.0.0.0 *PUBLIC ADDRESS REMOVED*
ip route 10.0.0.0 255.0.0.0 *PRIVATE ADDRESS REMOVED*
ip route *REMOVED*
no ip http server
ip pim bidir-enable
!
!
logging trap debugging
logging source-interface FastEthernet0
logging *REMOVED*
access-list 111 permit ip *REMOVED* *REMOVED*
access-list 111 permit ip *REMOVED* *REMOVED*
no cdp run
!
0
rsivanandanCommented:
>>so I can use the cisco vpn client software to connect to my home network

Did you mean *from* home network?

Also is the router on dhcp in wan side? Confirm.

Cheers,
Rajesh
0
cedarghostCommented:
The router HAS to have a static IP, so if it is getting a dynamic IP, you have a problem. And are you trying to connect FROM your home network?
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
merctkeAuthor Commented:
I am trying to connect to my home network where I have built my cisco router
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.