Lab environment: Windows XP and Cisco 3825 Routers
Create a VPN Server on the vro and connect the VPN Server with the VPN Client that comes with Windows.
The experiment topology is roughly as follows:
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "331" border = "0" title = "clip_image002" style = "border: 0px none;" alt = "clip_image002" src = "http://www.bkjia.com/uploads/allimg/131227/040T14531-0.jpg"/>
Tutorial steps:
1. VPN Server Configuration:
1: Enable vpdn on the vro ). This is used for VPN Client connection.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "161" border = "0" title = "clip_image003" style = "border: 0px none;" alt = "clip_image003" src = "http://www.bkjia.com/uploads/allimg/131227/040T13237-1.gif"/>
2. Create a VPDN network group configuration based on PPTP. The configuration is as follows:
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "259" border = "0" title = "clip_image004" style = "border: 0px none;" alt = "clip_image004" src = "http://www.bkjia.com/uploads/allimg/131227/040T11251-2.gif"/>
3. Configure the following IP address for the router interface.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "181" border = "0" title = "clip_image006" style = "border: 0px none;" alt = "clip_image006" src = "http://www.bkjia.com/uploads/allimg/131227/040T12Q3-3.jpg"/>
4,
Ip unnumbered gi0/1 creates a virtual template and references it to port gi0/1 to ensure that the VPN access connection is acceptable.
Peer default ip address pool defaultpool configuration default address pool name
Ppp encrypt mppe auto required sets the ppp encryption mode to Microsoft point-to-point automatic encryption.
Ppp authentication ms-chap the PPP authentication mechanism configured by the ms-chap-v2 to match the default value of the VPN Client:
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "110" border = "0" title = "clip_image008" style = "border: 0px none;" alt = "clip_image008" src = "http://www.bkjia.com/uploads/allimg/131227/040T1L37-4.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "125" border = "0" title = "clip_image009" style = "border: 0px none;" alt = "clip_image009" src = "http://www.bkjia.com/uploads/allimg/131227/040T12S0-5.gif"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "197" border = "0" title = "clip_image011" style = "border: 0px none;" alt = "clip_image011" src = "http://www.bkjia.com/uploads/allimg/131227/040T1L46-6.jpg"/>
5. Create an IP address pool and create a test user,
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "110" border = "0" title = "clip_image013" style = "border: 0px none;" alt = "clip_image013" src = "http://www.bkjia.com/uploads/allimg/131227/040T1L13-7.jpg"/>
6. configure authentication PPP and use the local database. If you have a RADIUS server, you will point to the RADIUS server instead of the local database,
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "192" border = "0" title = "clip_image014" style = "border: 0px none;" alt = "clip_image014" src = "http://www.bkjia.com/uploads/allimg/131227/040T12Y1-8.gif"/>
All configurations of the VPN Client have been completed. Let's take a look at the complete configuration of the car:
Ro # show running-config
Building configuration...
Current configuration: 1298 bytes
!
Version 12.4:
Service timestamps debug datetime msec
Service timestamps log datetime msec
No service password-encryption
!
Hostname tro
!
Boot-start-marker
Boot-end-marker
!
!
Aaa new-model
!
!
Aaa authentication ppp default local
!
!
Aaa session-id common
Ip cef
!
No ip domain lookup
!
Multilink bundle-name authenticated
!
Vpdn enable
!
Vpdn-group linuxtro
! Default pptp vpdn group
Accept-dialin
Protocol pptp
Virtual-template 1
L2tp tunnel receive-window 1024
!
Voice-card 0
No dspfarm
!
Username linuxtro password 0 linuxtro
Archive
Log config
Hidekeys
!
Interface GigabitEthernet0/0
Ip address 192.168.1.10 255.255.255.0
Duplex auto
Speed auto
Media-type rj45
!
Interface GigabitEthernet0/1
Ip address 10.123.123.123 255.255.255.0
Duplex auto
Speed auto
Media-type rj45
!
Interface Virtual-Template1
Ip unnumbered GigabitEthernet0/1
Peer default ip address pool defaultpool
Ppp encrypt mppe auto required
Ppp authentication ms-chap ms-chap-v2
!
!
Ip local pool defaultpool 10.123.123.10 10.123.123.100
!
!
Ip http server
No ip http secure-server
!
!
Control-plane
!
Line con 0
Stopbits 1
Line aux 0
Stopbits 1
Line vty 0 4
!
Scheduler allocate 20000 1000
!
Webvpn cef
!
End
Ii. VPN Client Configuration
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "326" border = "0" title = "clip_image016" style = "border: 0px none;" alt = "clip_image016" src = "http://www.bkjia.com/uploads/allimg/131227/040T151K-9.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "360" border = "0" title = "clip_image018" style = "border: 0px none;" alt = "clip_image018" src = "http://www.bkjia.com/uploads/allimg/131227/040T15963-10.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "360" border = "0" title = "clip_image020" style = "border: 0px none;" alt = "clip_image020" src = "http://www.bkjia.com/uploads/allimg/131227/040T15457-11.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "366" border = "0" title = "clip_image022" style = "border: 0px none;" alt = "clip_image022" src = "http://www.bkjia.com/uploads/allimg/131227/040T1J19-12.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "370" border = "0" title = "clip_image024" style = "border: 0px none;" alt = "clip_image024" src = "http://www.bkjia.com/uploads/allimg/131227/040T11Z3-13.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "371" border = "0" title = "clip_image026" style = "border: 0px none;" alt = "clip_image026" src = "http://www.bkjia.com/uploads/allimg/131227/040T15924-14.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "381" border = "0" title = "clip_image028" style = "border: 0px none;" alt = "clip_image028" src = "http://www.bkjia.com/uploads/allimg/131227/040T12932-15.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "301" border = "0" title = "clip_image030" style = "border: 0px none;" alt = "clip_image030" src = "http://www.bkjia.com/uploads/allimg/131227/040T155Q-16.jpg"/>
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "127" border = "0" title = "clip_image032" style = "border: 0px none;" alt = "clip_image032" src = "http://www.bkjia.com/uploads/allimg/131227/040T132B-17.jpg"/>
You can view the Advanced Settings button under the Security Tab Of the VPN properties.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "412" border = "0" title = "clip_image034" style = "border: 0px none;" alt = "clip_image034" src = "http://www.bkjia.com/uploads/allimg/131227/040T1H40-18.jpg"/>
Here we can see that the default VPN authentication method in Windows is MS-CHAP v2
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "386" border = "0" title = "clip_image036" style = "border: 0px none;" alt = "clip_image036" src = "http://www.bkjia.com/uploads/allimg/131227/040T14555-19.jpg"/>
The VPN type is PPTP.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "379" border = "0" title = "clip_image038" style = "border: 0px none;" alt = "clip_image038" src = "http://www.bkjia.com/uploads/allimg/131227/040T12920-20.jpg"/>
View the IP address in the command line to view the IP address in the address pool.
650) this. width = 650; "onclick = 'window. open (" http://blog.51cto.com/viewpic.php? Refimg = "+ this. src) 'height = "194" border = "0" title = "clip_image040" style = "border: 0px none;" alt = "clip_image040" src = "http://www.bkjia.com/uploads/allimg/131227/040T13Y4-21.jpg"/>
This article is from the "linux on the way" blog, please be sure to keep this source http://linuxtro.blog.51cto.com/1239505/341067
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
