Easy VPN Remote Access.pdf

(1567 KB) Pobierz

Secured

Connectivity

Configuring Cisco Easy VPN Remote Access

928571175.038.png

Cisco Easy VPN Components

Cisco Easy VPN is made up of two components:

Cisco Easy VPN Server: Enables Cisco IOS routers, Cisco

ASA/Cisco PIX Firewall, and Cisco VPN 3000 Series

Concentrators to act as VPN headend devices in site-to-site or

remote-access VPNs, where the remote office devices are using

the Cisco Easy VPN Remote feature.

Cisco Easy VPN Remote: Enables Cisco IOS routers, Cisco

ASA/Cisco PIX Firewall, and Cisco VPN 3002 Hardware Clients

or Cisco VPN Software Clients to act as remote VPN Clients.

928571175.039.png

Remote Access Using Cisco Easy VPN

PC with Cisco Easy VPN

Remote Client v4.x

Cisco Series 800 Router

Headquarters

Cisco 2600 Router

Cisco 1800 Router

Cisco IOS

Router with

Cisco Easy

VPN Server

Cisco VPN

Concentrator

Cisco ASA

928571175.040.png

928571175.041.png

928571175.001.png

928571175.002.png

928571175.003.png

928571175.004.png

928571175.005.png

928571175.006.png

928571175.007.png

928571175.008.png

928571175.009.png

928571175.010.png

928571175.011.png

928571175.012.png

928571175.013.png

928571175.014.png

928571175.015.png

928571175.016.png

928571175.017.png

928571175.018.png

928571175.019.png

928571175.020.png

928571175.021.png

928571175.022.png

928571175.023.png

928571175.024.png

Cisco Easy VPN Remote Modes of

Operation

Client mode

− Specifies that NAT or PAT be used

− Client automatically configures the NAT or PAT translation and the ACLs needed to

implement the VPN tunnel

ip nat inside command applied to all inside interfaces

ip nat outside command applied to interface configured for Cisco Easy VPN Remote

Network extension mode

– Specifies that the hosts at the client end of the VPN connection use fully routable IP

addresses

– PAT not used

Network extension plus mode

–

Additional capability of being able to request an IP address via mode configuration and

automatically assign it to an available loopback interface

–

IPsec SAs for this IP address automatically created by Cisco Easy VPN Remote

–

IP address typically used for troubleshooting (using ping, Telnet, and SSH)

928571175.025.png

Cisco Easy VPN Remote Client Mode

10.0.1.X

NAT or PAT

192.168.1.X

192.168.1.2

VPN Tunnel

192.168.1.X

Cisco Easy

VPN Server

Cisco 831 Ethernet

Broadband Router

Uses NAT or PAT

928571175.026.png

928571175.027.png

928571175.028.png

928571175.029.png

928571175.030.png

928571175.031.png

928571175.032.png

928571175.033.png

928571175.034.png

928571175.035.png

928571175.036.png

928571175.037.png

Plik z chomika:

Inne pliki z tego folderu:

final32.doc (871 KB)
ALL sort.doc (244 KB)
u336s_v3_UsersGuide.pdf (546 KB)
u336s_man.pdf (1400 KB)
NeoTraceProTrial325.exe (1606 KB)

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin