anon.ms anon ms it guy: more than break-fix

19Nov/090

Use your Cisco as a PPTP VPN Server

Hey,

If you're lazy like me and wish to set up a PPTP VPN Server instead of a Cisco IPSec one, you can with Virtual Private Dialup Networking (VPDN).

It's pretty easy.

In this example I will not be configuring any authentication other than local.

RouterA(config)# aaa authentication ppp default local

Enable Virtual Private Dialup Networking

RouterA(config)# vpdn enable

Define a VPDN Group, specify protocol and assign a Virtual Template interface. This will be used for incoming connections.

RouterA(config)# vpdn-group MyPPTPGroup
RouterA(config-vpdn)# accept-dialin
RouterA(config-vpdn-acc-in)# protocol pptp
RouterA(config-vpdn-acc-in)# virtual-template 1

Define some servers on your local network. These will be assigned to PPTP Clients.

RouterA(config)# async-bootp dns-server 192.168.0.32
RouterA(config)# async-bootp nbns-server 192.168.0.32

Set up the Virtual Template interface

RouterA(config)# interface Virtual-Template1
RouterA(config-if)# ip unnumbered Vlan1
RouterA(config-if)# peer default ip address pool PPTP-Pool
RouterA(config-if)# no keepalive
RouterA(config-if)# ppp encrypt mppe 128
RouterA(config-if)# ppp authentication ms-chap ms-chap-v2

Specify our local address pool

RouterA(config)# ip local pool PPTP-Pool 192.168.0.200 192.168.0.210 ! Same range as my Vlan 1

To see who's connected, do a show users

Nice and easy huh? At least we don't have to worry about pushing Cisco VPN Clients to everyone.

anon ms.

Tagged as: , , , No Comments