Worksheet for Easy VPN Server

 

Complete this worksheet before you create your Easy VPN Server connections.

You can use SDM to configure Easy VPN Server.

 

PREREQUISITES

Question

Answer

Does your router have a crypto image?

 

Is the VPN peer device accessible from this router?

 

 

 

 

 

CONFIGURATION INFORMATION

 

Item

SDM Default

Your choice

1

Interface for the Easy VPN Server 

 

 

2

Authentication Mechanism – Pre-Shared Keys or Digital Certificates or both?

Note: If you use digital certificates, make sure a digital certificate is configured on the router.

 

 

3

IKE Policy

 

 

    Encryption

3DES

 

    Hash

SHA

 

    Authentication

 

 

    DH Group

Group 2

 

4

Transform Set

 

 

 

    Integrity Algorithm

ESP_SHA_HMAC

 

 

    Encryption Algorithm

ESP_3DES

 

 

    AH

ESP_SHA_HMAC

 

 

    Mode

Tunnel

 

 

    IP Compression

 

 

5

Group Authorization and Group Policy Lookup – Local or RADIUS or both.

Note: If you select RADIUS, add at least one RADIUS server.

Local

 

6

User Authentication (XAuth) – Local RADIUS and Local.

Note: If you select RADIUS, add at least one RADIUS server.

If you select the RADIUS option button or the Existing AAA method list option button, the Notify password expiry check box is displayed (a RADIUS method should have been configured in the selected method).

Local

 

7

RADIUS Servers.

Note: If you selected RADIUS or RADIUS and Local in the Group Authorization and Group Policy Lookup screen or the User Authentication (XAuth) – Local RADIUS and Local screen, the RADIUS Servers screen appears.

If you selected Digital Certificates in the Interface and Authentication screen and the RADIUS or RADIUS and Local option in the Group Authorization and Group Policy Lookup screen, the PKI-based per user policy download check box is displayed.

 

   
8

Group Authorization and User Group Policies.  

Note: Add at least one local group in step 5 if you select "local" or "RADIUS and local" as group authorization.

 

   

9

Cisco Tunneling Control Protocol (cTCP)

Note: If cTCP has not been configured previously, this screen appears.

 

 10000