Cisco IOS Dial Services Configuration Guide: Network Services
Configuring Virtual Private Networks
This chapter describes how to configure, verify, maintain, and troubleshoot a Virtual Private Network
(VPN). It includes the following main sections:
• VPN Technology Overview
• Prerequisites for VPNs
• Configuring VPN
• Verifying VPN Sessions
• Monitoring and Maintaining VPNs
• Troubleshooting VPNs
• VPN Configuration Examples
For a complete description of the commands mentioned in this chapter, see the Cisco IOS Dial Services
Command Reference. To locate documentation of other commands that appear in this chapter, use the
command reference master index or search online.
VPN Technology Overview
A VPN carries private data over a public network. It extends remote access to users over a shared
infrastructure. VPNs maintain the same security and management policies as a private network. They are
the most cost-effective method of establishing a point-to-point connection between remote users and a
central network.
A benefit of access VPNs is the way they delegate responsibilities for the network. The customer
outsources the responsibility for the information technology (IT) infrastructure to an Internet service
provider (ISP), which maintains the modems that remote users dial in to (called modem pools), the access
servers, and the internetworking expertise. The customer is then responsible only for authenticating its
users and maintaining its network.
Instead of connecting directly to the network by using the expensive Public Switched Telephone
Network (PSTN), access VPN users only need to use the PSTN to connect to the ISP local point of
presence (POP). The ISP then uses the Internet to forward users from the POP to the customer network.
Forwarding a user call over the Internet provides dramatic cost savings for the customer. Access VPNs
use Layer 2 tunneling technologies to create a virtual point-to-point connection between users and the
customer network. These tunneling technologies provide the same direct connectivi