Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Configuring Cisco 871W as VPN-Server


i've just trying to configure an Cisco 871W as VPN-Server for a couple of clients. The Router is placed behind our default gateway and will have a fix ip.

1. are there any sample configs (IOS 12.3(8)Y3) available to tryout and study ?

2. i need a basic configuration to get ssh-access to the router from the internet. At the moment i try to set the wan-interface as public (with the public ip) and vlan1 as private) -> it dowsn't work propperly yet. :( - are there any standards to follow or is this just the way of choice ?

kind regards, martin


Re: Configuring Cisco 871W as VPN-Server


Re: Configuring Cisco 871W as VPN-Server

New Member

Re: Configuring Cisco 871W as VPN-Server

thanks für your advice :)

i'm downloading the manuals atm and try them out just when i'm back in the office


Re: Configuring Cisco 871W as VPN-Server

please excuse me for following the entire conversation.

nonetheless, below are the sample codes for remote vpn:

aaa new-model

aaa authentication login vpnauthen local

aaa authorization network vpnauthor local

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp client configuration group vpngroup

key xxxxxxxx

pool vpnpool

acl 130

crypto ipsec transform-set vpnset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10

set transform-set vpnset

crypto map vpnmap client authentication list vpnauthen

crypto map vpnmap isakmp authorization list vpnauthor

crypto map vpnmap client configuration address respond

crypto map vpnmap 10 ipsec-isakmp dynamic dynmap

interface Ethernet0

ip address

ip nat inside

interface Dialer0

ip address

ip nat outside

crypto map vpnmap

ip local pool vpnpool

ip nat inside source route-map nonat interface Dialer0 overload

access-list 101 deny ip

access-list 101 permit ip any

access-list 130 permit ip

route-map nonat permit 10

match ip address 101

below are the sampel codes for ssh:

hostname router

ip domain-name

crypto key generate rsa


line vty 0 4

transport input telnet ssh

username cisco password cisco123

aaa new-model

CreatePlease to create content