Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Specific VPN requirements, need help selecting correct technology

I need assistance selecting the correct vpn technology to meet my requirements.

I have a 2801 router that I will be using to terminate the vpn sessions. I will be using 871 series routers for the remote clients. The requirements that make it difficult for me to determine how to configure are:

The 871 routers WAN ip address will be dynamic, so I cant use standard IPSEC lan to lan configuration. The solution needs to allow the connection from any address.

The remote sites will also need to pass traffic between remote sites. I need to allow this because this VPN is going to be used for IP Phones and I want clients at remote sites to be able to call each other.

Some of the solutions I have seen require the remote user to enter a username and password from the CLI on their 871 to bring up the tunnel. If at all possible I dont want this to be a dependency.

I am familiar with cisco routers and can usually make a config work if provided an example, but I dont know enough about the various VPN options to choose the correct solution. Any help is greatly appreciated.

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Specific VPN requirements, need help selecting correct techn

If you need spoke-to-spoke vpn connection as well, you can try DMVPN.

http://www.cisco.com/en/US/products/ps6658/prod_presentation_list.html

4 REPLIES

Re: Specific VPN requirements, need help selecting correct techn

If you need spoke-to-spoke vpn connection as well, you can try DMVPN.

http://www.cisco.com/en/US/products/ps6658/prod_presentation_list.html

New Member

Re: Specific VPN requirements, need help selecting correct techn

Hi kwu2, thanks for the reply.

The remote sites dont need to talk directly to each other, their traffic can flow thru the hub router if that makes for a simplier solution. There is only going to be about 6 sites and the only traffic will be RTP and Skinny from a single phone per location.

Re: Specific VPN requirements, need help selecting correct techn

Ok, in that case, you can use dynamic crypto map on Hub router, like the router config in the following link.

http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a008051a69a.shtml

Any you need pay attention to those routing and ACL setting on spoke and hub routers, you can refer to the following example.

http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a0080093dc8.shtml

New Member

Re: Specific VPN requirements, need help selecting correct techn

Hi kwu2:

I went with your orignal advice and setup spoke-to-spoke dmvpn with minimal trouble. I used this document as an example.

http://www.cisco.com/en/US/partner/tech/tk583/tk372/technologies_configuration_example09186a008014bcd7.shtml

Thanks Again

129
Views
0
Helpful
4
Replies
CreatePlease to create content