Solved

Cisco 3825 - PPTP

Posted on 2012-03-13
14
1,021 Views
Last Modified: 2012-06-21
Would like to check if Cisco 3825 router supports either L2TP or PPTP protocols connectivity similar to IPSec connectivity.
0
Comment
Question by:SrikantRajeev
  • 8
  • 6
14 Comments
 
LVL 10

Expert Comment

by:mat1458
ID: 37718898
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37723691
For PPTP does it requires any  additional licenses on Cisco 3825.
How  many users can concurrently connect to Cisco 3825 using PPTP ?
0
 
LVL 10

Expert Comment

by:mat1458
ID: 37724034
I do not think that you need addiditonal licenses. However it probably depends on the IOS featureset you have on your router. What IOS do you have? Please post show version.

As for the concurrent users I did not find any numbers for PPTP but I found some for L2TP: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6549/ps6587/prod_white_paper0900aecd8066d3f5.html. Is that the numbers yu are talking about or how many sessions do you want to have concurrently?
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37724249
Thanks i am looking for max no of concurrent sessions.
Below is my sh ver output.

------------------------------------------------------------------------------------------------------------------------------------------
Cisco IOS Software, 3800 Software (C3825-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 13-Jan-06 21:09 by alnguyen

ROM: System Bootstrap, Version 12.3(11r)T2, RELEASE SOFTWARE (fc1)

R38252 uptime is 5 hours, 9 minutes
System returned to ROM by power-on
System image file is "flash:c3825-advsecurityk9-mz.124-5a.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 3825 (revision 1.1) with 225280K/36864K bytes of memory.
Processor board ID FHK1025F1PP
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)

Configuration register is 0x2102

---------------------------------------------------------------------------------------------------------------------------------------------
0
 
LVL 10

Expert Comment

by:mat1458
ID: 37725093
It seems to me that you don't need additional licenses. For how many sessions are you looking? The only number I found with an older software release is 2000. http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dt_pptp.html#wp1019865. But if it comes to actual performance numbers it might be worth to ask your Cisco Account SE.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37785918
Does Cisco 3900 series router supports similar features & functionality
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37785934
is there any way i can encrypt the PPTP traffic in Cisco router
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 10

Expert Comment

by:mat1458
ID: 37786015
Yes, 3900 series support the same stuff, they just do it a bit more efficiently.

Yes, you can encrypt your PPTP traffic, see http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/15-1mt/vpd-cfg-client-init-dialin-tunnels.html#GUID-A1A78C65-95DD-405D-96FF-B6A61B979F70.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37786296
so what will be the diffrence between IPSec encryption & PPTP encryption.
Which is more secure & why
0
 
LVL 10

Expert Comment

by:mat1458
ID: 37786389
IPsec is definitely more secure since it allows you to pick the newest available encryption algorithms. As a framework it allows future adaptions to newer standards as well.

But as I do not have any information on what you exactly want to do with all that it is not easy to recommend anything. It depends on the capabilities your clients have, also the processors and the necessary bandwidths play a role when it comes to encryption speeds. It is something that needs a holistic approach that encompasses all paramters that are in play for your solution.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37794531
i want users using Iphone or any android phone to connect to my  network & access the required application remotely when they are in move.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37794546
Also if i use PPTP is there any way i can segregate traffic such a way that only certain network traffic will be flowing through the PPTP tunnel & rest of the traffic will be bypassing the tunnel & it flows through the internet directly.
0
 
LVL 10

Accepted Solution

by:
mat1458 earned 500 total points
ID: 37796846
When it comes to multiple device types my experiences in the past have shown that you have to test each single device aginst your configuration. It then is rather a matter of the lowest common standard in terms of features like encryption than the most secure solution of today. But as I have not been configuring your scenario recently I can't give you detailed hints.

For the routing you have to see how the routes get into each device. With PPTP they are configured in the client. Look for split tunneling as a keyword.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 37885434
Thanks
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Cybersecurity has become the buzzword of recent years and years to come. The inventions of cloud infrastructure and the Internet of Things has made us question our online safety. Let us explore how cloud- enabled cybersecurity can help us with our b…
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now