I had an interesting request come across my desk, where I needed to configure a site-to-site VPN for some internet-connected devices, but the devices were not allowed to connect internally to our network. So basically, I needed to tunnel the internet traffic back to our headend without allowing access to the internal network. The remote location also wouldn’t have a static IP. Having used EZVPN in the past, I figured this would be another great use case. Unfortunately, I spent way too many hours trying to find a good example of how to get this setup working, so I figured I’d share my config for anyone else who may be struggling with a similar setup.
IOS Router Config (EZVPN Client)
crypto ipsec client ezvpn ez
 connect auto
 group MyTunnelGroup key MySecretKey
 mode client
 peer 10.10.10.1
 username MyVPNUser password MyPassword
 xauth userid mode local
!
interface Fa0/0
 description WAN…