MSCHAPv2 from 800 series router to remote VPN gateway

Unanswered Question
Mar 29th, 2007
User Badges:

I have a scenario as shown in the attachment "lifeline_routning.jpg". Two sites with several VLAN's is connected over a wireless bridge. The green VLAN is for administration of network devices. If the wireless bridge breakes down, I would like the Cisco 851 router to establish a VPN through a GPRS unit to the main site for the administrative VLAN.

The SnapGear VPN router at the main site uses MSCHAPv2 authentication.

I have enabled PPPoE on the 851, and I have configured a dialer interface with MSCHAPv2 authentication.

What I dont know, is how I configure the dialer interface to connect to the remote public WAN ip address of the Snapgear ? Should I configure a dialer map ? Is this acheived through a access list ? Or maybe VPDN ? Is there any documentation with examples on this kind of setup ?

Network layout and running-config is attached.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
carenas123 Wed, 04/04/2007 - 06:14
User Badges:
  • Silver, 250 points or more

Unique to EAP-FAST, phase zero is a tunnel-secured means of providing an EAP-FAST end-user client with a PAC for the user requesting network access.Providing a PAC to the end-user client is the sole purpose of phase zero. The tunnel is established based on an anonymous Diffie-Hellman key exchange. If EAP-MSCHAPv2 authentication succeeds, CiscoSecure ACS provides the user a PAC.


This Discussion