Remote Access

IPsec Remote-access VPNs

Cisco VPN Client

The Cisco VPN Client is simple to deploy and operate. It allows organizations to establish end-to-end, encrypted VPN tunnels for secure connectivity for mobile employees or telecommuters.

To initiate an IPsec connection using the Cisco VPN client, all the user must do is open the Cisco VPN client window, as shown in Figure 1. The Cisco VPN client application lists the available preconfigured sites. The user double-clicks a site to select it and the VPN client initiates the IPsec connection. In the user authentication dialog box, the user is authenticated with a username and password, as shown in Figure 2. After authentication, the Cisco VPN Client displays a connected status.

Most of the VPN parameters are defined on the Cisco IOS Easy VPN Server to simplify deployment. After a remote client initiates a VPN tunnel connection, the Cisco Easy VPN Server pushes the IPsec policies to the client, minimizing configuration requirements at the remote location.

This simple and highly scalable solution is ideal for large remote access deployments where it is impractical to configure policies individually for multiple remote PCs. This architecture also ensures that those connections are using up-to-date security policies and eliminates the operational costs associated with maintaining a consistent policy and key management method.

Note: Configuring the Cisco VPN client is beyond the scope of this course. Check www.cisco.com for more information.