Cisco Systems OL-6426-02 Benutzerhandbuch
B E TA D R A F T - C I S C O C O N F I D E N T I A L
7-5
Cisco 1800 Series Integrated Services Routers (Fixed) Software Configuration Guide
OL-6426-02
Chapter 7 Configuring VPNs Using an IPSec Tunnel and Generic Routing Encapsulation
Configure a VPN
Enable Policy Lookup
Perform these steps to enable policy lookup through AAA, beginning in global configuration mode:
Step 4
domain name
Example:
Router(config-isakmp-group)# domain
company.com
Router(config-isakmp-group)#
Specifies group domain membership.
Step 5
exit
Example:
Router(config-isakmp-group)# exit
Router(config)#
Exits IKE group policy configuration mode, and
enters global configuration mode.
enters global configuration mode.
Step 6
ip local pool {default | poolname}
[low-ip-address [high-ip-address]]
[low-ip-address [high-ip-address]]
Example:
Router(config)# ip local pool dynpool
30.30.30.20 30.30.30.30
Router(config)#
Specifies a local address pool for the group.
For details about this command and additional
parameters that can be set, see the
parameters that can be set, see the
Command or Action
Purpose
Command or Action
Purpose
Step 1
aaa new-model
Example:
Router(config)# aaa new-model
Router(config)#
Enables the AAA access control model.
Step 2
aaa authentication login {default | list-name}
method1 [method2...]
method1 [method2...]
Example:
Router(config)# aaa authentication login
rtr-remote local
Router(config)#
Specifies AAA authentication of selected users at
login, and specifies the method used.
login, and specifies the method used.
This example uses a local authentication database.
You could also use a RADIUS server for this. See
the
You could also use a RADIUS server for this. See
the
and
the
for
details.