[NET]Configuring the Cisco Router and VPN Clients Using PPTP and MPPE

Cisco라우터에서 PPTP VPN을 받아주는 시험을 해봤다. 원격에서 VPN연결하면 사설을 사용하는 사무실의 네트웍과 많은 일을 할 수 있을것이다. Cisco2621 Ver 12.2(31)과 Windows Xp를 이용하여 시험했다. 아래는 구성도와 라우터의 샘플이다.

2621#show run
Building configuration…
Current configuration : 1566 bytes
!
version 12.2
service timestamps debug datetime msec localtime
service timestamps log datetime msec localtime
no service password-encryption
!
hostname 2621
!
boot system flash
logging queue-limit 100
enable secret 5 $1$dGFC$VA28yOWzxlCKyj1dq8SkE/
!
username cisco password 0 cisco123
username client password 0 testclient
ip subnet-zero
ip cef
!
no ip domain lookup
ip domain name cisco.com
!
vpdn enable
!— Enable VDPN.
vpdn-group 1
!— Default PPTP VPDN group.
accept-dialin
protocol pptp
virtual-template 1
!
voice call carrier capacity active
!
no voice hpi capture buffer
no voice hpi capture destination
!
mta receive maximum-recipients 0
!
controller T1 0/0
framing sf
linecode ami
!
controller T1 0/1
framing sf
linecode ami
!
interface Loopback0
ip address 10.100.100.1 255.255.255.0
ip nat inside
!
interface FastEthernet0/0
ip address 172.16.142.191 255.255.255.0
no ip route-cache
no ip mroute-cache
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 10.130.13.13 255.255.0.0
duplex auto
speed auto
!
!— Create virtual-template interface used for “cloning”
!— virtual-access interfaces using address pool “test”
!— with CHAP authentication, PAP, and MS-CHAP.
interface Virtual-Template1
ip unnumbered FastEthernet0/0
peer default ip address pool test
no keepalive
ppp encrypt mppe auto
ppp authentication pap chap ms-chap
!
!— Create IP Pool named “test” and specify IP range.
ip local pool test 192.168.1.1 192.168.1.250
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.142.1
!
ip pim bidir-enable
!
call rsvp-sync
!
mgcp profile default
!
dial-peer cor custom
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
password cisco
login
!
!
end
2621#