• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1062
  • Last Modified:

Cisco 3825 - PPTP

Would like to check if Cisco 3825 router supports either L2TP or PPTP protocols connectivity similar to IPSec connectivity.
0
SrikantRajeev
Asked:
SrikantRajeev
  • 8
  • 6
1 Solution
 
SrikantRajeevAuthor Commented:
For PPTP does it requires any  additional licenses on Cisco 3825.
How  many users can concurrently connect to Cisco 3825 using PPTP ?
0
 
mat1458Commented:
I do not think that you need addiditonal licenses. However it probably depends on the IOS featureset you have on your router. What IOS do you have? Please post show version.

As for the concurrent users I did not find any numbers for PPTP but I found some for L2TP: http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6549/ps6587/prod_white_paper0900aecd8066d3f5.html. Is that the numbers yu are talking about or how many sessions do you want to have concurrently?
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
SrikantRajeevAuthor Commented:
Thanks i am looking for max no of concurrent sessions.
Below is my sh ver output.

------------------------------------------------------------------------------------------------------------------------------------------
Cisco IOS Software, 3800 Software (C3825-ADVSECURITYK9-M), Version 12.4(5a), RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Fri 13-Jan-06 21:09 by alnguyen

ROM: System Bootstrap, Version 12.3(11r)T2, RELEASE SOFTWARE (fc1)

R38252 uptime is 5 hours, 9 minutes
System returned to ROM by power-on
System image file is "flash:c3825-advsecurityk9-mz.124-5a.bin"

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 3825 (revision 1.1) with 225280K/36864K bytes of memory.
Processor board ID FHK1025F1PP
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
479K bytes of NVRAM.
62720K bytes of ATA System CompactFlash (Read/Write)

Configuration register is 0x2102

---------------------------------------------------------------------------------------------------------------------------------------------
0
 
mat1458Commented:
It seems to me that you don't need additional licenses. For how many sessions are you looking? The only number I found with an older software release is 2000. http://www.cisco.com/en/US/docs/ios/12_1t/12_1t5/feature/guide/dt_pptp.html#wp1019865. But if it comes to actual performance numbers it might be worth to ask your Cisco Account SE.
0
 
SrikantRajeevAuthor Commented:
Does Cisco 3900 series router supports similar features & functionality
0
 
SrikantRajeevAuthor Commented:
is there any way i can encrypt the PPTP traffic in Cisco router
0
 
mat1458Commented:
Yes, 3900 series support the same stuff, they just do it a bit more efficiently.

Yes, you can encrypt your PPTP traffic, see http://www.cisco.com/en/US/docs/ios-xml/ios/vpdn/configuration/15-1mt/vpd-cfg-client-init-dialin-tunnels.html#GUID-A1A78C65-95DD-405D-96FF-B6A61B979F70.
0
 
SrikantRajeevAuthor Commented:
so what will be the diffrence between IPSec encryption & PPTP encryption.
Which is more secure & why
0
 
mat1458Commented:
IPsec is definitely more secure since it allows you to pick the newest available encryption algorithms. As a framework it allows future adaptions to newer standards as well.

But as I do not have any information on what you exactly want to do with all that it is not easy to recommend anything. It depends on the capabilities your clients have, also the processors and the necessary bandwidths play a role when it comes to encryption speeds. It is something that needs a holistic approach that encompasses all paramters that are in play for your solution.
0
 
SrikantRajeevAuthor Commented:
i want users using Iphone or any android phone to connect to my  network & access the required application remotely when they are in move.
0
 
SrikantRajeevAuthor Commented:
Also if i use PPTP is there any way i can segregate traffic such a way that only certain network traffic will be flowing through the PPTP tunnel & rest of the traffic will be bypassing the tunnel & it flows through the internet directly.
0
 
mat1458Commented:
When it comes to multiple device types my experiences in the past have shown that you have to test each single device aginst your configuration. It then is rather a matter of the lowest common standard in terms of features like encryption than the most secure solution of today. But as I have not been configuring your scenario recently I can't give you detailed hints.

For the routing you have to see how the routes get into each device. With PPTP they are configured in the client. Look for split tunneling as a keyword.
0
 
SrikantRajeevAuthor Commented:
Thanks
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

  • 8
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now