VPN 2 (Correccion)

VIRTUAL PRIVATE NETWORK
VPN CLIENT
INTERNET

Pool VPN: X.X.X.X.
INTERNET
VPN CLIENT CISCO.-
System Requirements
Cisco VPN Client 5.0.07 supports the following Microsoft OSs:
Windows 7 on x64 (64-bit)
Windows 7 on x86 (32-bit) only
Windows Vista on both x86 (32-bit) and x64
Windows XP on x86
VPN Client does not support the Tablet PC 2004/2005; and Windows 2000, NT, 98, and ME.
VPN CLIENT CISCO.-
http://www.4shared.com/rar/H154vgfQ/vpnclient-winx64-msi-50070440-.html
CONFIGURACIN VPN CLIENT

MODELO SIMULACIN GNS3
Simulacin VPN Client Cisco NAT ( GNS3 )
Aplicacin GNS3
Equipo RED
10.184.124.30/24
Configuracin VPN CLIENT Routers ( GNS3)
Configuracin R1
Autentificacin Local
aaa new-model
!
aaa authentication login userauthen local
aaa authorization network groupauthor local
!
aaa session-id common
!
username user password 0 cisco
!
crypto isakmp policy 3
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group vpnclient
key cisco123
pool ippool
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto dynamic-map dynmap 10
set transform-set myset
reverse-route
!
crypto map mymap client authentication list userauthen
crypto map mymap isakmp authorization list groupauthor
crypto map mymap client configuration address respond
crypto map mymap 5 ipsec-isakmp dynamic dynmap
!
interface FastEthernet0/0
ip address 10.184.124.29 255.255.255.0
crypto map mymap
!
ip local pool ippool 192.168.1.1 192.168.1.2
!
Local Authentication
Name
Password
Fase-1
VPN Group Authentication

Name
Password
Fase-2
Aplica Crypto map a interfaz

Pool VPN para Clientes.
Configuracin NAT Routers ( GNS3)
ip address 10.184.124.29 255.255.255.0
ip nat outside
!
ip address 192.168.0.1 255.255.255.0
ip nat inside
!
Habilitacin NAT
en puertas
ip nat pool outsidepool 10.184.124.29 10.184.124.29 netmask 255.255.255.0
ip nat inside source route-map nonat pool outsidepool
IP para pool de NAT
Aplicacin de exclusin de Trfico interesante al NAT
access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255

access-list 101 permit ip 192.168.0.0 0.0.0.255 any
!
Lista 101 que excluye del NAT trfico interesante
route-map nonat permit 10

match ip address 101
Route-Map asociado a lista 101
Configuracin VPN CLIENT Equipo Remoto.
Aplicacin GNS3
Equipo RED
10.184.124.30/24
Configuracin VPN CLIENT Equipo Remoto.

Autentificacin LOCAL
FASE I , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES
R1#SH CRYPTO ISAKmp SA

IPv4 Crypto ISAKMP SA
dst
src
10.184.124.29 10.184.124.30
IPv6 Crypto ISAKMP SA
Equipo RED
10.184.124.30/24
state
conn-id slot status
QM_IDLE 1007 0 ACTIVE
Aplicacin GNS3
FASE II , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES
Aplicacin GNS3
Equipo RED
10.184.124.30/24

VPN 2 (Correccion)

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

VPN 2 (Correccion)

Uploaded by

Copyright:

Available Formats

VIRTUAL PRIVATE NETWORK

VIRTUAL PRIVATE NETWORK

VIRTUAL PRIVATE NETWORK

VPN CLIENT CISCO.-

VPN CLIENT CISCO.-

CONFIGURACIN VPN CLIENT

Simulacin VPN Client Cisco NAT ( GNS3 )

Configuracin VPN CLIENT Routers ( GNS3)

VPN Group Authentication

Aplica Crypto map a interfaz

Configuracin NAT Routers ( GNS3)

ip nat pool outsidepool 10.184.124.29 10.184.124.29 netmask 255.255.255.0

ip nat inside source route-map nonat pool outsidepool

IP para pool de NAT

Aplicacin de exclusin de Trfico interesante al NAT

access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255

Lista 101 que excluye del NAT trfico interesante

route-map nonat permit 10

Route-Map asociado a lista 101

Configuracin VPN CLIENT Equipo Remoto.

Configuracin VPN CLIENT Equipo Remoto.

FASE I , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES

R1#SH CRYPTO ISAKmp SA

FASE II , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES

You might also like