Configure VPN on Router

Unanswered Question
Nov 29th, 2007
User Badges:

I have the VPN configured on the the "corp" router and it works fine. How do I also allow clients on the inside of the corp router to use the vpn client to connect to other routers?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Thu, 11/29/2007 - 21:11
User Badges:
  • Green, 3000 points or more

Hi Chris, you need to allow the ipsec or pptp vpn ports and apply acl to your outbound interface facing internet.


e.g.


If using Cisco VPN client it needs UDP 500, UDP 4500 and protocol ESP.



access-list 101 permit udp any any eq 500 log

access-list 101 permit udp any any eq 4500 log

access-list 101 permit esp any any log



Interface Serial0/0

ip access-group 101 in





if using Microsft PPTP vpn client you need to allow tcp 1732 and protocol GRE.


access-list 101 permit tcp any any eq 1723 log

access-list 101 permit gre any any log


Interface Serial0/0

ip access-group 101 in



If using both vpn clients combine the acl 101 together and apply it to outbound interface.

This will allow your inside users to be able to vpn outbound to to the outside world.




pls rate any helpful posts !

Rgds

Jorge


Actions

This Discussion