cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2594
Views
0
Helpful
6
Replies

Possible to simulate an ADSL line in a lab?

whiteford
Level 1
Level 1

Hi,

I have 2 Cisco 877 DSL routers. I want to practise creating a VPN between each other, apart form buying to ADSL lines is there are way I can "spoof" this?

Thanks

6 Replies 6

andrew.prince
Level 10
Level 10

Thanks.

Damn I don't have SDSL ports. Below is my home lab kit, can you see by lookingat them if I can create a VPN locally.

1 x Pix515

1 x Cisco 2620 with 2 x WIC-1T

1 x 2950 24 port switch

1 x 1600

1 x 1721 sadly no power supply

2 x 837 ADSL router

Yes - One router has to have a crypto image.

I would create a "internet vlan" in the 2950.

Attach one 1 the routers (Internet Router) into the internet vlan and give the Eth or FE IP address of 1.1.1.1/8

Connect the PIX515 (Firewall 1) into the internet vlan and give the outside interface an IP of 1.1.2.1/8 with a default route pointing to 1.1.1.1

Create another vlan called "sitea" and connect the pix inside interface into it and give it an IP of 192.168.1.1/24. Connect another router (Router 1) to the "sitea" vlan and give the ewth or FE an IP address of 192.168.1.2/24

The router with the crypto image (Router 2)- connect it's eth or fe to the "internet vlan" and give it an IP address of 1.1.3.1/8 with a default route pointing to 1.1.1.1. Create a loopback interface say 0 with an IP address of 192.168.2.1/24

Then create the VPN between Router 2 and the PIX. The VPN src from Router 2 is the loopback0 IP network (192.168.2.0/24) , and the src from Router 1 is the FE IP network (192.168.1.0/24)

Just spit balling - try it out, then troubleshoot it if it does not work first time around (good excercise!)

HTH>

Wow! I will need some time to set this up. What router would be best for the crypto image? And how do I add a loopback?

So this is creating a VPN between 2 routers and not the Pix?

The router with a large enough flash and enough memory to run the image - the IOS download tool will tell you that.

The loopback config is easy:-

interface loopback 0

ip address x.x.x.x y.y.y.y

x.x.x.x = ip address

y.y.y.y = subnet mask

NO - this is creating a VPN between the PIX and Router 2.

As I think most of the routing devices you have only have 1 ethernet interface, it's quite limiting. But the PIX has 2 interfaces, inside and outside - so the VPN terminates on the outside interface and the un-encrypted traffic passes thru the inside to router 1.

Router 2 sadly has the VPN and LAN access on the same device - if you had a router with 2 LAN interfaces the desing would be different....you could then setup a vlan calles "siteb" then connect 1 interface from that router into the "internet vlan" and the other interface into the "siteb vlan", THEN connect ANOTHER router (router 3) into the "siteb" vlan to be the layer 3 routing device for that lab site.

Happy testing.

HTH>

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: