android手机功能强大,毫不逊色与apple4,但是思科暂时不提供基于的android的vpn client软件(伴随着cius的发布,vpn client for android离我们不会很远了),使得我们无法通过vpn访问公司内部资源。
在android2.2中,系统已经支持L2TP和PPTP VPN,所以我们可以通过L2TP来实现VPN连接。
在思科router上为android手机配置L2TP VPN接入:
vpdn enable
vpdn multihop
vpdn logging
vpdn history failure table-size 50
!
vpdn-group L2TP-VPN
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname anonymous
lcp renegotiation always
no l2tp tunnel authentication
l2tp tunnel password 7 XXXXXXXXXXXXX
l2tp tunnel framing capabilities all
l2tp tunnel bearer capabilities all
l2tp ip udp checksum
ip pmtu
ip mtu adjust
l2tp congestion-control
interface Virtual-Template1
description Templates_for_Androids
ip unnumbered FastEthernet0/0.X
ip verify unicast source reachable-via rx
ip virtual-reassembly
ip tcp header-compression
ntp disable
peer ip address forced
peer default ip address pool pool-and
keepalive 5 2
ppp mtu adaptive
ppp encrypt mppe auto
ppp authentication chap pap ms-chap ms-chap-v2
!
ppp chap hostname XXX
ppp ipcp header-compression ack
ppp ipcp address required
ppp ipcp address unique
no clns route-cache
VPN连接好了,剩下的应用的都可以自己发挥了。
展示一下的应用吧,
csipsimple,免费的sip终端软件,通过vpn注册到公司的cucm,只要有wifi的地方就可以免费通话啦。
vpdn enable
vpdn multihop
vpdn logging
vpdn history failure table-size 50
!
vpdn-group L2TP-VPN
accept-dialin
protocol l2tp
virtual-template 1
terminate-from hostname anonymous
lcp renegotiation always
no l2tp tunnel authentication
l2tp tunnel password 7 XXXXXXXXXXXXX
l2tp tunnel framing capabilities all
l2tp tunnel bearer capabilities all
l2tp ip udp checksum
ip pmtu
ip mtu adjust
l2tp congestion-control
description Templates_for_Androids
ip unnumbered FastEthernet0/0.X
ip verify unicast source reachable-via rx
ip virtual-reassembly
ip tcp header-compression
ntp disable
peer ip address forced
peer default ip address pool pool-and
ppp mtu adaptive
ppp encrypt mppe auto
ppp authentication chap pap ms-chap ms-chap-v2
ppp ipcp header-compression ack
ppp ipcp address required
ppp ipcp address unique
no clns route-cache