How to build Cisco Embedded Automation System (EASy) for Remote Connections

Cisco Easy (Embedded Automation System) VPN is an IP Security (IPsec) virtual private network (VPN) solution supported by Cisco routers and security appliances. It greatly simplifies VPN deployment for remote offices and mobile workers. There are three components of the Cisco Easy VPN solution: Easy VPN Client, Easy VPN Remote, and Easy VPN Server. Cisco Easy VPN supports quality of service (QoS) and multicast, but if there is a requirement to support dynamic routing protocols or direct spoke-to-spoke communications Customers that need to deploy and manage large-scale site-to-site and remote-access VPNs should consider a Cisco Easy VPN solution because of its simplification of VPN management and configuration.

Cisco Easy VPN solution uses the Mode-Configuration (Mode-Config) mechanism within the Internet Key Exchange (IKE) to push policy (attributes) from the Easy VPN Server to the Easy VPN Client or Remote.

The attributes that can be pushed down through Mode-Config include: internal IP address, internal subnet mask, Domain Name Server (DNS) addresses, Windows Internet Name Service (WINS) addresses, backup server list, domain name, client firewall policy, Cisco IOS ® Software configuration, login banner, and Split Tunneling Include List.