• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 472
  • Last Modified:

Cisco VPN?

Hi, I have a Cisco 2621 XM router at my office. I need to set up a VPN connection to this router and use the Cisco VPN client. Can someone let me know what I will need to get this done? Thank you.
0
aej1973
Asked:
aej1973
  • 5
  • 4
1 Solution
 
pointermanksCommented:
Need more information that what is up there now.  Do you have firewalls/ASA's in the network?
0
 
aej1973Author Commented:
no, I do not have  an ASA firewall. I have a 2621XM router with the security package (sec/ k9). Will I need a ASA firewall to impliment this VPN tunnel?

Also, to use the Cisco VPN client software will I need to have a licence from Cisco? Thanks for the help.
0
 
pointermanksCommented:
you need to get the *.pcl file for the VPN set up.  Should look something like this:  Also, if you have the software then no you do not need to have a license to have it work but you should....  

[main]
Description=VPN
Host=IP address
AuthType=1
GroupName=group name
GroupPwd= password
enc_GroupPwd=
EnableISPConnect=0
ISPConnectType=0
ISPConnect=
ISPPhonebook=
ISPCommand=
Username= user name
SaveUserPassword=0  (set these to 1 to save the password in the PCL file.)
UserPassword=
enc_UserPassword=
NTDomain=
EnableBackup=0
BackupServer=
EnableMSLogon=1
MSLogonType=0
EnableNat=1
TunnelingMode=0
TcpTunnelingPort=10000
CertStore=0
CertName=
CertPath=
CertSubjectName=
CertSerialHash=00000000000000000000000000000000
SendCertChain=0
PeerTimeout=90
EnableLocalLAN=0
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
aej1973Author Commented:
Would I need a license if I have an ASA firewall? Also, I am not very sure how to update the router with *.plc file. Thank you for the help.

-A
0
 
aej1973Author Commented:
I did have  word with my Cisco vendor and he mentioned that there are VPN cards available for my 2621XM router, how would I use this? Thanks for the help.
0
 
pointermanksCommented:
the PCL file resides on the computer you are using to connect with.  You will need to configure the ASA with the VPN connection opening the correct ports for the protocols you are utilizing.  I use a shared key then a user specific key that I generate utilizing keypass.  you will need to specify the ip address range that the VPN is going to be able to utilize as by default everything is blocked until you open it up.  If you are utilizing NAT then you will need to have the NAT rule set up to translate the public IP address to the private IP address of the router if that is what you are VPN'ng to.  I usually set up the VPN to go to the core router for the network then you can go from there to almost anywhere.  that allows me to RDC to servers and desktops to troubleshoot when I am off site.
0
 
aej1973Author Commented:
well, I guess I found the article I was looking for to configure a VPN connection on my 2621XM:

http://www.cisco.com/en/US/products/sw/secursw/ps5318/products_configuration_example09186a00806ad10e.shtml

I am a lillte confused about  a few things:

1) In the last step it tells me to create a new pool of IP address, what are these addresses? My lan network has a pool of 10.13.3.0, do I need to put a subset of this pool?
2) In the VPN client what will be:

- connection entry
-Host
- In the group auth what will be the name and password?


Thank you for the help.

-A
0
 
pointermanksCommented:
If you want to restrict what people can access then you put in a new subnet then you can limit where they can go by a ACL.

Connection entity will be the name of what you want to call the VPN connection
host is the IP address that you are connecting to (public IP NAT to private)
group authentication is a user name and password you put in so that the person connecting has to do double authentication.  Basically tells the connection to accept it or not then you can authenicate username and password.  Another level of security.
0
 
aej1973Author Commented:
I would like to award pts and close this question.
0
 
QlemoC++ DeveloperCommented:
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now