Configuring the VPN Server

This section describes how to configure theIPsecInternet Protocol security. IPsec is a protocol suite for secure IP communications that authenticates and encrypts each IP packet in a communication session.VPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.server on theManaged Device. For more details, seeVirtual Private Networks.Theremote APRemote APs extend corporate network to the users working from home or at temporary work sites. Remote APs are deplyed at branch office sites and are connected to the central network on a WAN link.will be aVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.client that connects to theVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.server on theManaged Device.

下面的过程介绍如何配置theVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.server:

1.In theManaged Networknode hierarchy, navigate to theConfiguration>Services>VPNtab.

2.ClickIKEv1accordion.

3.ClickL2tpcheck box to enable L2tp.

4.SelectPAP (Password Authentication Protocol)check box forAuth protocols.

5.To configure theL2TPLayer-2 Tunneling Protocol. L2TP is a networking protocol used by the ISPs to enable VPN operations.IP pool, clickGeneral VPNoption.

6.Click+in theAddress Poolstable.

7.Enter thePool nameto configure theL2TPLayer-2 Tunneling Protocol. L2TP is a networking protocol used by the ISPs to enable VPN operations.pool from which the APs will be assigned addresses.

8.Enter the value of theStart address (ipv4/v6)andEnd address (ipv4/v6)fields.

9.ClickSubmit.

The size of the pool should correspond to the maximum number of APs that theMobility Masteris licensed to manage.

10.To configure anISAKMPInternet Security Association and Key Management Protocol. ISAKMP is used for establishing Security Associations and cryptographic keys in an Internet environment.encryptedsubnetSubnet is the logical division of an IP network.andPSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access., click theShared Secretsaccordion.

11.Click+in theIKE Shared Secretstable.

12.In theCreate IKE Grouptable, enter the value forShared keyand re-enter the key inRetype shared key.

13.ClickSubmit.

14.ClickPending Changes.

15.In thePending Changeswindow, select the check box and clickDeploy changes.

The followingCLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions.commands configure theVPNVirtual Private Network. VPN enables secure access to a corporate network when located remotely. It enables a computer to send and receive data across shared or public networks as if it were directly connected to the private network, while benefiting from the functionality, security, and management policies of the private network. This is done by establishing a virtual point-to-point connection through the use of dedicated connections, encryption, or a combination of the two.server:

(host) [md] (config) #vpdn group l2tp

(host) [md] (config-submode) #ppp authentication PAP

(host) [md] (config-submode) #ip local pool

(host) [md] (config) #crypto isakmp key address netmask