Hi Dan, Have a look this simple example on CCO for configuring L2TP over IPSec.
I guess your router should be configured as LAC for your clients and then initiate a session to the LNS located at your VPN SP. Then the L2TP session between your router (LAC) and your provider router (LNS) should be encrypted using IPSec. I hope this is what you are looking for. Sercan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Dan Letkeman Sent: Sunday, May 30, 2010 7:38 AM To: cisco-nsp Subject: [c-nsp] ios l2tp ipsec vpn help I'm struggling with getting a connection to our vpn service provider from our 2821 router. I would like to terminate the vpn on the router so I can route certain traffic through the vpn. Example info I got from our vpn provider is: address: vpn.provider.com username: user password: pass l2tp shared secret: asdfasdfasdfasfd They support l2tp over ipsec, pptp and sstp. >From the research I have done so far, I have found that ios does not support outgoing pptp connections, and I cannot for the life of me find a working l2tp over ipsec configuration that makes sense. I do have an hwic-4esw card in the router that I am trying to make the vpn connection from, so I'm wondering if that is where i'm having the trouble....I'm also running NAT on the interfaces on this router, which could also be part of my problem. I'm a bit confused with the LAC, LNS, client-initiated, client peer, lan to lan, etc, configurations on the Cisco site. I'm assuming that i should not be setting up my router as an LAC, but instead as a client? Does anyone know if this even works? Or is the vpn support on an IOS router only for router to router configurations? Thanks, Dan. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Note:The information contained in this message may be privileged and confidential and protected from disclosure . If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thankyou. ThruPoint Ltd. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
