cisco vpn - Google Search - Google Chrome 2020-03-12 3_30_19 PM (2)
Eric U Ngabonziza

How to build Cisco Embedded Automation System (EASy) for Remote Connections

Cisco Easy (Embedded Automation System) VPN is an IP Security (IPsec) virtual private network (VPN) solution supported by Cisco routers and security appliances. It greatly simplifies VPN deployment for remote offices and mobile workers. There are three components of the Cisco Easy VPN solution: Easy VPN Client, Easy VPN Remote, and Easy VPN Server. Cisco Easy VPN supports quality of service (QoS) and multicast, but if there is a requirement to support dynamic routing protocols or direct spoke-to-spoke communications Customers that need to deploy and manage large-scale site-to-site and remote-access VPNs should consider a Cisco Easy VPN solution because of its simplification of VPN management and configuration.

Cisco Easy VPN solution uses the Mode-Configuration (Mode-Config) mechanism within the Internet Key Exchange (IKE) to push policy (attributes) from the Easy VPN Server to the Easy VPN Client or Remote.

The attributes that can be pushed down through Mode-Config include: internal IP address, internal subnet mask, Domain Name Server (DNS) addresses, Windows Internet Name Service (WINS) addresses, backup server list, domain name, client firewall policy, Cisco IOS ® Software configuration, login banner, and Split Tunneling Include List.

STEP 1: Interface configuration

STEP 2: Object-Group configuration

STEP 3: DHCP configuration

STEP 4: Access-List or Security Policy configuration

STEP 5: NAT (Network Address Translation) configuration

STEP 6: AAA (Authentication Authorization and Accounting) configuration

STEP 7: Policy-map & Class-map configuration

STEP 8: Cisco Easy VPN configuration

STEP 9: Management/access configuration

STEP 10: Configuration Verification

AuthorEric Uwonkunda Ngabonziza

Share this post

Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on pinterest
Share on print
Share on email