SrikantRajeev
asked on
Cisco 3825 - PPTP
Would like to check if Cisco 3825 router supports either L2TP or PPTP protocols connectivity similar to IPSec connectivity.
ASKER
For PPTP does it requires any additional licenses on Cisco 3825.
How many users can concurrently connect to Cisco 3825 using PPTP ?
How many users can concurrently connect to Cisco 3825 using PPTP ?
I do not think that you need addiditonal licenses. However it probably depends on the IOS featureset you have on your router. What IOS do you have? Please post show version.
As for the concurrent users I did not find any numbers for PPTP but I found some for L2TP: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6549/ps6587/prod_white_paper0900aecd8066d3f5.html. Is that the numbers yu are talking about or how many sessions do you want to have concurrently?
As for the concurrent users I did not find any numbers for PPTP but I found some for L2TP: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6549/ps6587/prod_white_paper0900aecd8066d3f5.html. Is that the numbers yu are talking about or how many sessions do you want to have concurrently?
ASKER
Thanks i am looking for max no of concurrent sessions.
Below is my sh ver output.
--------------------------
Cisco IOS Software, 3800 Software (C3825-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 13-Jan-06 21:09 by alnguyen
ROM: System Bootstrap, Version 12.3(11r)T2, RELEASE SOFTWARE (fc1)
R38252 uptime is 5 hours, 9 minutes
System returned to ROM by power-on
System image file is "flash:c3825-advsecurityk9
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 3825 (revision 1.1) with 225280K/36864K bytes of memory.
Processor board ID FHK1025F1PP
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)
Configuration register is 0x2102
--------------------------
Below is my sh ver output.
--------------------------
Cisco IOS Software, 3800 Software (C3825-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 13-Jan-06 21:09 by alnguyen
ROM: System Bootstrap, Version 12.3(11r)T2, RELEASE SOFTWARE (fc1)
R38252 uptime is 5 hours, 9 minutes
System returned to ROM by power-on
System image file is "flash:c3825-advsecurityk9
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
export@cisco.com.
Cisco 3825 (revision 1.1) with 225280K/36864K bytes of memory.
Processor board ID FHK1025F1PP
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)
Configuration register is 0x2102
--------------------------
It seems to me that you don't need additional licenses. For how many sessions are you looking? The only number I found with an older software release is 2000. http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dt_pptp.html#wp1019865. But if it comes to actual performance numbers it might be worth to ask your Cisco Account SE.
ASKER
Does Cisco 3900 series router supports similar features & functionality
ASKER
is there any way i can encrypt the PPTP traffic in Cisco router
Yes, 3900 series support the same stuff, they just do it a bit more efficiently.
Yes, you can encrypt your PPTP traffic, see http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/15-1mt/vpd-cfg-client-init-dialin-tunnels.html#GUID-A1A78C65-95DD-405D-96FF-B6A61B979F70.
Yes, you can encrypt your PPTP traffic, see http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/15-1mt/vpd-cfg-client-init-dialin-tunnels.html#GUID-A1A78C65-95DD-405D-96FF-B6A61B979F70.
ASKER
so what will be the diffrence between IPSec encryption & PPTP encryption.
Which is more secure & why
Which is more secure & why
IPsec is definitely more secure since it allows you to pick the newest available encryption algorithms. As a framework it allows future adaptions to newer standards as well.
But as I do not have any information on what you exactly want to do with all that it is not easy to recommend anything. It depends on the capabilities your clients have, also the processors and the necessary bandwidths play a role when it comes to encryption speeds. It is something that needs a holistic approach that encompasses all paramters that are in play for your solution.
But as I do not have any information on what you exactly want to do with all that it is not easy to recommend anything. It depends on the capabilities your clients have, also the processors and the necessary bandwidths play a role when it comes to encryption speeds. It is something that needs a holistic approach that encompasses all paramters that are in play for your solution.
ASKER
i want users using Iphone or any android phone to connect to my network & access the required application remotely when they are in move.
ASKER
Also if i use PPTP is there any way i can segregate traffic such a way that only certain network traffic will be flowing through the PPTP tunnel & rest of the traffic will be bypassing the tunnel & it flows through the internet directly.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
L2TP: http://www.cisco.com/en/US/docs/ios/sec_secure_connectivity/configuration/guide/sec_l2tp_nat_pat.html
PPTP: http://www.techrepublic.com/article/solutionbase-using-a-cisco-ios-router-as-a-vpn-server/5926395