Prev: ipv6 route ::/0 Null0 200 - applied, no traffic possible
Next: Cisco VPN Client and UMTS on Windows 7
From: JF Mezei on 6 May 2010 05:35
I need to have my Mac laptop access my LAN from remote wi-fi/mobile
networks. The Mac does have "Cisco VPN" capabilities.

I would greatly appreciate a pointer to some cookbook on what needs to
be done to set this up. (or some config that works).


Is it correct that Cisco VPN uses port 1723 with the IP/GRE protocol ?
How does the router itself intercept incoming GRE connection request ?
Via NAT entry pointing to the router's own IP address ?

In terms of authentication, if I already have a minimal radius server on
the Cisco, is this enough to authenticate VPN clients ? Or do I need a
more sophisticated server on another machine ?

In terms of DHCP, will the router issue the client an IP address, or
would DHCP request from the remote client make it to the lan and served
by the LAN's own DHCP server ?
From: Rob on 6 May 2010 05:48
JF Mezei <jfmezei.spamnot(a)vaxination.ca> wrote:
> I need to have my Mac laptop access my LAN from remote wi-fi/mobile
> networks. The Mac does have "Cisco VPN" capabilities.
>
> I would greatly appreciate a pointer to some cookbook on what needs to
> be done to set this up. (or some config that works).
>
>
> Is it correct that Cisco VPN uses port 1723 with the IP/GRE protocol ?
> How does the router itself intercept incoming GRE connection request ?
> Via NAT entry pointing to the router's own IP address ?
>
> In terms of authentication, if I already have a minimal radius server on
> the Cisco, is this enough to authenticate VPN clients ? Or do I need a
> more sophisticated server on another machine ?
>
> In terms of DHCP, will the router issue the client an IP address, or
> would DHCP request from the remote client make it to the lan and served
> by the LAN's own DHCP server ?

Are you sure this "Cisco VPN" on the Mac is in fact that port 1723 with
the IP/GRE protocol? (commonly known as PPTP)

It is possible to configure PPTP on a Cisco, and I could show you how,
but it would not surprise me if that is not what the Mac is actually
trying to use...
From: JF Mezei on 6 May 2010 06:35
Rob wrote:

>
> Are you sure this "Cisco VPN" on the Mac is in fact that port 1723 with
> the IP/GRE protocol? (commonly known as PPTP)

The Mac offers the following VPN options:

L2TP over IPsec
PPTP
Cisco IPsec

I *assume* that the Cisco IPsec is the one that would have the best
chance of working on a 871W router.
From: Rob on 6 May 2010 07:14
JF Mezei <jfmezei.spamnot(a)vaxination.ca> wrote:
> Rob wrote:
>
>>
>> Are you sure this "Cisco VPN" on the Mac is in fact that port 1723 with
>> the IP/GRE protocol? (commonly known as PPTP)
>
> The Mac offers the following VPN options:
>
> L2TP over IPsec
> PPTP
> Cisco IPsec
>
> I *assume* that the Cisco IPsec is the one that would have the best
> chance of working on a 871W router.

Probably. I don't know what config it assumes, though.
Maybe you can find documentation on the Apple website.
From: Doug McIntyre on 6 May 2010 08:47
JF Mezei <jfmezei.spamnot(a)vaxination.ca> writes:
>> Are you sure this "Cisco VPN" on the Mac is in fact that port 1723 with
>> the IP/GRE protocol? (commonly known as PPTP)

>The Mac offers the following VPN options:

>L2TP over IPsec
>PPTP
>Cisco IPsec

>I *assume* that the Cisco IPsec is the one that would have the best
>chance of working on a 871W router.

Cisco IPSec is an implementation that is supposed to work just like
the 'Cisco IPSec VPN Client' software that Cisco makes (but did such a
poor job porting it to the Mac in the past, so Apple must have
partnered with them to do a working one).

Following any of the guides for Cisco VPN Client to IOS config should
get you there.

I haven't done this though, since I have VPNTracker licenses, which
can be setup to work with just about anything & everything with very
little effort.

 | 
Pages: 1
Prev: ipv6 route ::/0 Null0 200 - applied, no traffic possible
Next: Cisco VPN Client and UMTS on Windows 7