7200 as VPN Concentrator

ar · ‎02-07-2012

Hi.

I have a 7206 as my MPLS PE.

I want to setup a remote ipsec vpn access to this and map to one of the mpls vpn/vrfs.

I will use a cisco vpn client on the remote site.

What is the minimum IOS for 7200 to run IPSEC. I find the old 12.2(31) SB16 dont have "crypto" configurations.

Also any documentation how i can configured the 7200 to match with the cisco vpn client software?

I'm trying to explore the vrf-aware ipsec but Im not sure it this will work with the cisco vpn client.

thanks

paolo bevilacqua · ‎02-07-2012

First of all you should consider buying a crypto module for your router, otherwise it will not really work or perform very well.

ar · ‎02-14-2012

Yeah I will include the module accelerator.

I'm concerned more of how to configure the 7200 as VPN concentrator for remote sites (dial-up with unknown public ip).

Also would like to use SSL.

Remote site will either use cisco or microsoft vpn clients....

Any good documentation for this?

paolo bevilacqua · ‎02-17-2012

Plenty, and just a search click away

Come back anytime if you have specific questions...

ar · ‎02-17-2012

yeah many.

Though I havent seen a solid document for vrf-aware ipsec combining dynamic-maps at static crypto peers.

I managed to test site-to-site and its working. I tested IPSEC to MPLS VPN connection.

Now I want to test dynamic-maps where the VPN concentrator will set peer as 0.0.0.0.

It's not working on my tests.

Any good docs for combining dynamic/static maps in one interface crypto-map?