Cisco CISCO876-SEC-I-K9 Configuration Guide - Page 69

Chapter 6 Configuring a VPN Using Easy VPN and an IPSec Tunnel Note The Cisco Easy VPN client feature supports configuration of only one destination peer. If your application requires creation of multiple VPN tunnels, you must manually configure the IPSec VPN and Network Address Translation/Peer Address Translation (NAT/PAT) parameters on both the client and the server. Configuration Tasks Perform the following tasks to configure your router for this network scenario: • Configure the IKE Policy • Configure Group Policy Information • Apply Mode Configuration to the Crypto Map • Enable Policy Lookup • Configure IPSec Transforms and Protocols • Configure the IPSec Crypto Method and Parameters • Apply the Crypto Map to the Physical Interface • Create an Easy VPN Remote Configuration An example showing the results of these configuration tasks is provided in the "Configuration Example" section on page 6-11. Note The procedures in this chapter assume that you have already configured basic router features as well as PPPoE or PPPoA with NAT, DCHP and VLANs. If you have not performed these configurations tasks, see Chapter 1, "Basic Router Configuration," Chapter 3, "Configuring PPP over Ethernet with NAT," Chapter 4, "Configuring PPP over ATM with NAT," and Chapter 5, "Configuring a LAN with DHCP and VLANs" as appropriate for your router. Note The examples shown in this chapter refer only to the endpoint configuration on the Cisco 870 series router. Any VPN connection requires both endpoints be configured properly to function. See the software configuration documentation as needed to configure VPN for other router models. OL-5332-01 Cisco 850 Series and Cisco 870 Series Access Routers Software Configuration Guide 6-3