New VPN setup

Unanswered Question
Mar 12th, 2007
User Badges:


I am new to Cisco technology and would like to set up VPN capability for remote users. We have an 871 router with 1 public IP address and an internal Windows network that uses PAT to access the internet. Could someone please provide a link or information on how to get started configuring VPN.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
ggilbert Mon, 03/12/2007 - 08:42
User Badges:
  • Cisco Employee,


The document listed below has information on how to configure a VPN client to an ASA.

And it also provides you information on allowing the VPN client to access internet through the ASA while connected through VPN client.

Rate this post, if it helps.!!



jmarsh8034 Wed, 03/14/2007 - 05:32
User Badges:

Do I need to purchase an ASA or can I use the 870 series router as a VPN server. I need to allow outside users access to my server that is located inside my LAN. We will need up to 10 VPN tunnels for remote users, but no site to site lines. If I do need to purchase more equipment does anyone have a suggestion?

ggilbert Wed, 03/14/2007 - 08:02
User Badges:
  • Cisco Employee,

You do not need to purchase more equipments.

you can use the 870 series router to provide VPN client connections to your network.

All you need in the router is to make sure that you have right software running.

Send the output of "sh ver" please.

Let me take a look at it to see if you have the ability to configure crypto.



jmarsh8034 Wed, 03/14/2007 - 09:40
User Badges:

Here is my version. Please let me know if you need anything else.

Cisco IOS Software, C870 Software (C870-ADVSECURITYK9-M), Version 12.4(4)T4, RELEASE SOFTWARE (fc2)

Technical Support:

Copyright (c) 1986-2006 by Cisco Systems, Inc.

Compiled Thu 03-Aug-06 17:20 by kellythw

ROM: System Bootstrap, Version 12.3(8r)YI3, RELEASE SOFTWARE

FMG uptime is 1 day, 3 hours, 38 minutes

System returned to ROM by reload

System image file is "flash:c870-advsecurityk9-mz.124-4.T4.bin"

Last reload reason: Unknown reason

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

If you require further assistance please contact us by sending email to

[email protected].

Cisco 871W (MPC8272) processor (revision 0x200) with 118784K/12288K bytes of memory.

Processor board ID FHK104813BP

MPC8272 CPU Rev: Part Number 0xC, Mask Number 0x10

5 FastEthernet interfaces

1 802.11 Radio

128K bytes of non-volatile configuration memory.

24576K bytes of processor board System flash (Intel Strataflash)

Configuration register is 0x2102

ggilbert Wed, 03/14/2007 - 09:58
User Badges:
  • Cisco Employee,


you should not have a problem with configuring "crypto" on this router.



jmarsh8034 Wed, 03/14/2007 - 11:00
User Badges:

Do you know of a link to something that will show me how to set this up?



ggilbert Wed, 03/14/2007 - 11:05
User Badges:
  • Cisco Employee,


Here is the link for that.

The only thing is, the VPN client is little bit different now. The version out on CCO is 4.8 version but the configuration pretty much is the same.

This document was created when cisco first supported VPN client to terminate on Cisco IOS routers.

Rate this post, if it helps.




This Discussion