
First step to the design of simple VPN August 29, 2008

Posted by Ravindu Jayalath in Technical.

As the first step in configuring a small VPN, connect two routers as shown in the diagram (this is called a back-to-back connection), connect a switch to each router, and connect your PCs to the two switches. As you know, a router is a Layer 3 device and separates broadcast domains, so you have to assign a different network address to each side. Now let's look at the configuration. Since this is the first step, we will not configure the switches at all, as we are not considering VLANs or other advanced options at the moment. In this topic we mainly look at the router configuration. Here we go…

Router 0:

configure terminal

interface FastEthernet0/0

ip address 192.168.10.254 255.255.255.0

no shut

interface Serial2/0

ip address 10.0.0.1 255.255.255.0

no shut

ip route 192.168.11.0 255.255.255.0 10.0.0.2

end

copy run start

Router 1:

configure terminal

interface FastEthernet0/0

ip address 192.168.11.254 255.255.255.0

no shut

interface Serial2/0

ip address 10.0.0.2 255.255.255.0

clock rate 64000

no shut

ip route 192.168.10.0 255.255.255.0 10.0.0.1

end

copy run start

Since we use a back-to-back configuration, we need to provide clocking on the DCE interface of the router using the clock rate command. You do not need to do this in a real deployment, because your CSU/DSU provides the clocking there.

Then you will have to configure the IPs of the PCs according to the network addresses that we used on the routers' Ethernet interfaces; the default gateway of each PC should be the IP of the Ethernet interface of its router. Here I have shown only the basic configuration. Beyond this, the usual configuration such as assigning passwords and descriptions still has to be done.

Then you need to verify that everything has been done correctly. Here is how we do that.

Router#sh ip int brief

Interface          IP-Address       OK? Method Status   Protocol
FastEthernet0/0    192.168.11.254   YES manual up       up
Serial2/0          10.0.0.2         YES manual up       up

Router#sh ip route

     10.0.0.0/24 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Serial2/0
S    192.168.10.0/24 [1/0] via 10.0.0.1
C    192.168.11.0/24 is directly connected, FastEthernet0/0

As you can see, the IP addressing and the routing configuration are done. Since we have a limited number of networks here, we don't use a routing protocol to configure routing. We will look at those later.
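An added example (not part of the original post): a small Python model of the two routers' addressing and static routes from the configuration above, showing that a ping only works when each router has a static route to the far LAN, since the echo reply needs its own return path. The function names and the PC addresses used with it (192.168.10.1 and 192.168.11.1) are assumptions.

```python
import ipaddress

# Router configs from the post, reduced to the lines that affect forwarding.
R0 = """interface FastEthernet0/0
ip address 192.168.10.254 255.255.255.0
interface Serial2/0
ip address 10.0.0.1 255.255.255.0
ip route 192.168.11.0 255.255.255.0 10.0.0.2"""
R1 = """interface FastEthernet0/0
ip address 192.168.11.254 255.255.255.0
interface Serial2/0
ip address 10.0.0.2 255.255.255.0
ip route 192.168.10.0 255.255.255.0 10.0.0.1"""

def parse(cfg):
    """Return (interface addresses, static routes) for one router."""
    ifaces, statics = [], []
    for line in cfg.splitlines():
        w = line.split()
        if w[:2] == ["ip", "address"]:
            ifaces.append(ipaddress.ip_interface(f"{w[2]}/{w[3]}"))
        elif w[:2] == ["ip", "route"]:
            statics.append((ipaddress.ip_network(f"{w[2]}/{w[3]}"),
                            ipaddress.ip_address(w[4])))
    return ifaces, statics

def path(routers, src, dst):
    """Routers a packet crosses from src to dst, or None if it is dropped."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    # The PC's default gateway is the router with an interface on its subnet.
    here = next((n for n, (ifs, _) in routers.items()
                 if any(src in i.network for i in ifs)), None)
    hops = []
    while here and here not in hops:      # stop on a routing loop
        hops.append(here)
        ifs, statics = routers[here]
        if any(dst in i.network for i in ifs):
            return hops                   # destination is directly connected
        match = [(net.prefixlen, gw) for net, gw in statics if dst in net]
        nh = max(match)[1] if match else None   # longest-prefix static route
        here = next((n for n, (ifs2, _) in routers.items()
                     if any(i.ip == nh for i in ifs2)), None)
    return None

def ping_ok(routers, a, b):
    """The echo request needs a path a->b and the reply needs one b->a."""
    return path(routers, a, b) is not None and path(routers, b, a) is not None

ROUTERS = {"Router0": parse(R0), "Router1": parse(R1)}
```

Calling `ping_ok(ROUTERS, "192.168.10.1", "192.168.11.1")` returns `True`; dropping the `ip route` line from either router makes it return `False` even though the request still reaches the far LAN in one direction.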

OK, then you are done. Try to ping from a PC on one side to a PC on the other side. You can do it now, as we do not block pings here. We will talk later about how to block things such as ping and how to firewall the network. So you can ping, right? Have fun.

–Thank you for reading & hope you have got something–

–do not complain if you already know because I can’t help for that–
