Newbie VPN - Site to site using Cisco and Microsoft
I'm trying to setup a vpn connection between a microsoft windows 2003 server that is behind a linksys wireless router and a cisco 1811w. Both sites have static IPs. I'm new to cisco and thoroughly confused! I'd be totally lost without the SDM! I was able to successfully setup an easy vpn server connection so I can connect using a cisco vpn client, but cannot get a site to site connection going.
Here are my questions:
1) What is the best way to establish a site-to-site connection? The Linksys does support PPTP and IPSec passthrough and that is turned on.
2) Is there any documentation out there that describes how to setup both sides? If not both sides, then at least the Cisco side?
Just to show that I have done some reading and have tried doing this, here are the commands I tried to setup PPTP on the router in the CLI:
aaa authentication ppp default local
aaa authorization network default local
interface virtual-template 1
ip unnumbered fastethernet 1
ppp authentication ms-chap ms-chap-v2
ppp chap hostname RRSTSVPN
ppp chap password xxxxx
peer default ip address pool default
ppp encrypt mppe auto required
ip local pool default 10.0.2.10 10.0.2.20
If anyone could guide me in the right direction at all, I'd be extremely thankful!
Re: Newbie VPN - Site to site using Cisco and Microsoft
Thanks for the reply! Reading back through my initial message, I realized it was a little confusing. I'm trying to establish a site to site that's something like this:
MS RRAS <-> Linksys wireless <-> Internet <-> Cisco 1811w
I was going to try for a PPTP connection because I've been told that's the easiest to setup. There's no top-secret stuff that will be going across it, just need a way to join two sites for database synching.
Does anyone know of any documentation that shows what to do to get the RRAS demand dialer to connect to the Cisco router?
Also, if I setup PPTP on the cisco router, does that setup the cabability for a MS PPTP CLIENT to connect directly to the Cisco router as well, or would that be configured two different ways?
The reason I'm asking, is it seems like it would be easier to trial and error a connection from an MS PPTP client to the Cisco router. Then once I get that to work, I can tweak settings in the RRAS interface (using the same credentials I was able to successfully connect with using the MS PPTP client), to get it to work. Again, I'm new to Cisco, so maybe my thinking isn't straight.
Any tips, suggestions, links, are greatly appreciated!
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...