Scribd Logo
Upload

Welcome to Scribd!

  • 4 views

    VPN 2 (Correccion)

    Uploaded by

    Fa Stidio
    vpn cisco

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content

    You might also like

    VPN 2 (Correccion)

    Uploaded by

    Fa Stidio
    4 views13 pages
    vpn cisco

    Original Title

    VPN 2(Correccion)

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    vpn cisco

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    4 views13 pages

    VPN 2 (Correccion)

    Uploaded by

    Fa Stidio
    vpn cisco

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 13

    VIRTUAL PRIVATE NETWORK

    VPN CLIENT

    VIRTUAL PRIVATE NETWORK

    INTERNET

    VIRTUAL PRIVATE NETWORK


    Pool VPN: X.X.X.X.

    INTERNET

    VPN CLIENT CISCO.-

    System Requirements
    Cisco VPN Client 5.0.07 supports the following Microsoft OSs:
    Windows 7 on x64 (64-bit)
    Windows 7 on x86 (32-bit) only
    Windows Vista on both x86 (32-bit) and x64
    Windows XP on x86
    VPN Client does not support the Tablet PC 2004/2005; and Windows 2000, NT, 98, and ME.

    VPN CLIENT CISCO.-

    http://www.4shared.com/rar/H154vgfQ/vpnclient-winx64-msi-50070440-.html

    CONFIGURACIN VPN CLIENT


    MODELO SIMULACIN GNS3

    Simulacin VPN Client Cisco NAT ( GNS3 )

    Aplicacin GNS3

    Equipo RED

    10.184.124.30/24

    Configuracin VPN CLIENT Routers ( GNS3)

    Configuracin R1
    Autentificacin Local

    aaa new-model
    !
    aaa authentication login userauthen local
    aaa authorization network groupauthor local
    !
    aaa session-id common
    !
    username user password 0 cisco
    !
    crypto isakmp policy 3
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp client configuration group vpnclient
    key cisco123
    pool ippool
    !
    crypto ipsec transform-set myset esp-3des esp-md5-hmac
    !
    crypto dynamic-map dynmap 10
    set transform-set myset
    reverse-route
    !
    crypto map mymap client authentication list userauthen
    crypto map mymap isakmp authorization list groupauthor
    crypto map mymap client configuration address respond
    crypto map mymap 5 ipsec-isakmp dynamic dynmap
    !
    interface FastEthernet0/0
    ip address 10.184.124.29 255.255.255.0
    crypto map mymap
    !
    ip local pool ippool 192.168.1.1 192.168.1.2
    !

    Local Authentication
    Name
    Password

    Fase-1

    VPN Group Authentication


    Name
    Password

    Fase-2

    Aplica Crypto map a interfaz


    Pool VPN para Clientes.

    Configuracin NAT Routers ( GNS3)

    interface FastEthernet0/0
    ip address 10.184.124.29 255.255.255.0
    ip nat outside
    !
    interface FastEthernet0/1
    ip address 192.168.0.1 255.255.255.0
    ip nat inside
    !

    Habilitacin NAT
    en puertas

    ip nat pool outsidepool 10.184.124.29 10.184.124.29 netmask 255.255.255.0

    ip nat inside source route-map nonat pool outsidepool

    IP para pool de NAT

    Aplicacin de exclusin de Trfico interesante al NAT

    access-list 101 deny ip 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255


    access-list 101 permit ip 192.168.0.0 0.0.0.255 any
    !

    Lista 101 que excluye del NAT trfico interesante

    route-map nonat permit 10


    match ip address 101

    Route-Map asociado a lista 101

    Configuracin VPN CLIENT Equipo Remoto.

    Aplicacin GNS3

    Equipo RED

    10.184.124.30/24

    Configuracin VPN CLIENT Equipo Remoto.


    Autentificacin LOCAL

    FASE I , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES

    R1#SH CRYPTO ISAKmp SA


    IPv4 Crypto ISAKMP SA
    dst
    src
    10.184.124.29 10.184.124.30
    IPv6 Crypto ISAKMP SA

    Equipo RED

    10.184.124.30/24

    state
    conn-id slot status
    QM_IDLE 1007 0 ACTIVE

    Aplicacin GNS3

    FASE II , VPN CLIENT ROUTER CONCENTRADOR DE TUNELES

    Aplicacin GNS3

    Equipo RED

    10.184.124.30/24

    You might also like