Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

MSCHAPv2 from 800 series router to remote VPN gateway

I have a scenario as shown in the attachment "lifeline_routning.jpg". Two sites with several VLAN's is connected over a wireless bridge. The green VLAN is for administration of network devices. If the wireless bridge breakes down, I would like the Cisco 851 router to establish a VPN through a GPRS unit to the main site for the administrative VLAN.

The SnapGear VPN router at the main site uses MSCHAPv2 authentication.

I have enabled PPPoE on the 851, and I have configured a dialer interface with MSCHAPv2 authentication.

What I dont know, is how I configure the dialer interface to connect to the remote public WAN ip address of the Snapgear ? Should I configure a dialer map ? Is this acheived through a access list ? Or maybe VPDN ? Is there any documentation with examples on this kind of setup ?

Network layout and running-config is attached.


Re: MSCHAPv2 from 800 series router to remote VPN gateway

Unique to EAP-FAST, phase zero is a tunnel-secured means of providing an EAP-FAST end-user client with a PAC for the user requesting network access.Providing a PAC to the end-user client is the sole purpose of phase zero. The tunnel is established based on an anonymous Diffie-Hellman key exchange. If EAP-MSCHAPv2 authentication succeeds, CiscoSecure ACS provides the user a PAC.