Possible to simulate an ADSL line in a lab?

Unanswered Question
Sep 17th, 2008
User Badges:


I have 2 Cisco 877 DSL routers. I want to practise creating a VPN between each other, apart form buying to ADSL lines is there are way I can "spoof" this?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
whiteford Wed, 09/17/2008 - 11:13
User Badges:


Damn I don't have SDSL ports. Below is my home lab kit, can you see by lookingat them if I can create a VPN locally.

1 x Pix515

1 x Cisco 2620 with 2 x WIC-1T

1 x 2950 24 port switch

1 x 1600

1 x 1721 sadly no power supply

2 x 837 ADSL router

Yes - One router has to have a crypto image.

I would create a "internet vlan" in the 2950.

Attach one 1 the routers (Internet Router) into the internet vlan and give the Eth or FE IP address of

Connect the PIX515 (Firewall 1) into the internet vlan and give the outside interface an IP of with a default route pointing to

Create another vlan called "sitea" and connect the pix inside interface into it and give it an IP of Connect another router (Router 1) to the "sitea" vlan and give the ewth or FE an IP address of

The router with the crypto image (Router 2)- connect it's eth or fe to the "internet vlan" and give it an IP address of with a default route pointing to Create a loopback interface say 0 with an IP address of

Then create the VPN between Router 2 and the PIX. The VPN src from Router 2 is the loopback0 IP network ( , and the src from Router 1 is the FE IP network (

Just spit balling - try it out, then troubleshoot it if it does not work first time around (good excercise!)


whiteford Wed, 09/17/2008 - 12:27
User Badges:

Wow! I will need some time to set this up. What router would be best for the crypto image? And how do I add a loopback?

So this is creating a VPN between 2 routers and not the Pix?

The router with a large enough flash and enough memory to run the image - the IOS download tool will tell you that.

The loopback config is easy:-

interface loopback 0

ip address x.x.x.x y.y.y.y

x.x.x.x = ip address

y.y.y.y = subnet mask

NO - this is creating a VPN between the PIX and Router 2.

As I think most of the routing devices you have only have 1 ethernet interface, it's quite limiting. But the PIX has 2 interfaces, inside and outside - so the VPN terminates on the outside interface and the un-encrypted traffic passes thru the inside to router 1.

Router 2 sadly has the VPN and LAN access on the same device - if you had a router with 2 LAN interfaces the desing would be different....you could then setup a vlan calles "siteb" then connect 1 interface from that router into the "internet vlan" and the other interface into the "siteb vlan", THEN connect ANOTHER router (router 3) into the "siteb" vlan to be the layer 3 routing device for that lab site.

Happy testing.



This Discussion