Configure the Easy VPN Server
Task 4 – define a group policy for a mode configuration push

This task creates a transform set for the Easy VPN Remote clients to use when they attempt to build an IPSec tunnel to the router. Use the standard method for creating a transform set, as shown in Figure .

Step 1 Add the Group Profile to be Defined
The crypto isakmp client configuration group command specifies the policy profile of the group that will be defined and enters ISAKMP group configuration mode.

Use the crypto isakmp client configuration group command to specify group policy information that needs to be defined or changed .

Step 2 Configure the ISAKMP Pre-shared Key
Use the key command in ISAKMP group configuration mode to specify the ISAKMP pre-shared key when defining group policy information for the mode configuration push . This command must be used if the VPN Client identifies itself to the router with a pre-shared key.

Step 3 (Optional) Specify the DNS servers
Specify the primary and secondary DNS servers using the dns command in ISAKMP group configuration mode .

Step 4 (Optional) Specify the Windows Internet Name Service (WINS) servers
Specify the primary and secondary WINS servers using the wins command in ISAKMP group configuration mode .

Step 5 (Optional) Specify the DNS Domain
Specify the DNS domain to which a group belongs by using the domain command in ISAKMP group configuration mode .

Step 6 Specify the Local IP Address Pool
Use the pool command to refer to an IP local address pool, which defines a range of addresses that will be used to allocate an internal IP address to a VPN Client.

Use the pool command in the ISAKMP group configuration mode to define a local pool address .

NOTE:

The crypto isakmp configuration group command, which specifies group policy information that needs to be defined or changed, must be entered before entering the key, dns, wins, domain, or pool commands.