Cisco 887 Router and VPN

Answered Question
Feb 11th, 2011
User Badges:

Hi,


I've just bought a Cisco 887 Router and i've deployed it to replace my client's exisiting ADSL router. I've configured it using Cisco CP, and it's working properly. I'm trying to setup the router for VPN connectivity, so that the users who use laptops can work from outside our office. I've gone through the wizard to setup an Easy VPN Server for client access and I've setup the Pre-Shared Key and IP Range. I was trying to download the Easy VPN client the site says I need some sort of agreement to be added to our exisiting partnership account. I was able to find download links after some googling, but none of the clients, during connection setup ask for a Pre-Shared Key. So I know I'm going wrong somewhere.


I'm a newbie at this, so any kind of help would be really appreciated.


Thanks,


Arun

Correct Answer by Maykol Rojas about 6 years 5 months ago

Hi Arun,


Yes you need the cisco VPN Client in order to connect right?  When you click on New, a lot of fields display


Connection Entry

Description

And Host


The first two can be whatever you want, the Host has to be the IP of the router where the clients are going to connect.


Check where it says Group Authentication. Where it says Name go ahead and put the group name that you create for your EZVpn. Where it says password, thats where you use the pre-shared key.


Once you have those fileds done, you will be able to connect.


Hope it helps.


Mike

Correct Answer by Federico Coto F... about 6 years 5 months ago

Arun,


You need to have a valid CCO account with download rights to get the VPN client.

If you already have the client you need to set the group name and password (pre-shared key) to connect.


Federico.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.8 (5 ratings)
Loading.
Correct Answer
Federico Coto F... Sat, 02/12/2011 - 07:17
User Badges:
  • Green, 3000 points or more

Arun,


You need to have a valid CCO account with download rights to get the VPN client.

If you already have the client you need to set the group name and password (pre-shared key) to connect.


Federico.

Correct Answer
Maykol Rojas Sat, 02/12/2011 - 07:25
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

Hi Arun,


Yes you need the cisco VPN Client in order to connect right?  When you click on New, a lot of fields display


Connection Entry

Description

And Host


The first two can be whatever you want, the Host has to be the IP of the router where the clients are going to connect.


Check where it says Group Authentication. Where it says Name go ahead and put the group name that you create for your EZVpn. Where it says password, thats where you use the pre-shared key.


Once you have those fileds done, you will be able to connect.


Hope it helps.


Mike

omnitechsys Wed, 02/16/2011 - 00:33
User Badges:

Thank you for the replies.


I was able to configure the client using the settings suggested.


For any other newbie who might be facing this issue like me,  I would like to note down the steps:


I'm setting up a Cisco 887 ISR where the internet facing interface is ADSL and this router is the main router for the LAN



Configure the Easy VPN server using Cisco Configuration Professional

1.Create a Loopback interface with IP address 10.10.10.10

2. Configure a Group Name along with a Pre-Shared Key.

3. I'm using a local user database for authentication by enabling AAA logins, so the user authentication is taken care of by the router.

for those who want to configure domain authentication, here's a link a found, but haven't tried yet.

http://www.blindhog.net/cisco-aaa-login-authentication-with-radius-ms-ias/

4. Setup an IP range in your network which is not under the common DHCP pool for your vpn clients



I was facing a problem with getting a VPN client for this setup, because my CCO login doesnt have a technical agreement attached to it, and I couldn't find any pointers as to how i can add it.


So I googled and found a few links where I could download it from

http://helpdesk.ugent.be/vpn/en/akkoord.php


But this VPN client could only be installed on 32 bit systems, except for the AnyConnect client , but that supports only SSL connections, for which I would have to purchase individual user licenses.


One option to install the 32 bit client on a 64 bit Windows 7 system , was to run the client in XP mode, and then do a NAT to the host computer. A little complicated but, apparently it works!


http://blogs.nil.com/blog/2009/05/28/64-bit-windows-7-cisco-vpn-client-and-xp-mode-part-2/


After some more googling, I found that Cisco did release a 64 bit VPN client , even though it was in beta.


I'm sorry that I'm not able to paste the link for this client, because when I looked for the download link now, it's been taken offline. I tried to find it again, but all I could find were torrents. They should work too, but I haven't tried them.


The version number for this client is Cisco VPN Client 5.0.07.0290 x64


Once the client is running, you can configure the connection by giving your group name as Name and the Pre-Shared Key as your password.


Once the router has connected, you will be asked for your user login. This is where the user database comes in.


Once you put in the correct user details, you're logged in!


Hope this helps anyone who finds this.


And once again thanks to everyone for their support.


Arun Raveendran

Maykol Rojas Fri, 02/18/2011 - 20:43
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

Arun,


Thank you so much for taking your time in order to provide this detailed documentation. This is more important than you just posting this as resolved, but to have other people to use this post as a reference with your detailed explanation is really what we are looking for.


Cheers


Mike

Actions

This Discussion