多分支节点通过PPPOE拨号，使用IPSec VPN连接访问总部

如果需要实现分支PPPOE拨号（是动态地址） 用IPSec VPN连接总部，这种方式一般怎么实现。后续增加的分支节点只需要更改账号密码就可以通过VPN连接到总部

!   -------1start------

hostname XXXX

!

!

enable password cisco

!

!

interface Virtual-Template1 type tunnel

 no ip address

 ip virtual-reassembly in

!

!

!   -------1end------

!   -------1.5start------

no ip domain lookup

ip domain name ***.***

!

username cisco password 0 cisco

!

!

!

crypto isakmp keepalive 20 5

!

!   -------1.5end------

!   -------2start------

!

crypto ipsec client ezvpn ez2

 connect auto

 group XXXX key XXXX

 local-address GigabitEthernet0/0

 mode network-extension

 peer X.X.X.X

 virtual-interface 1

 username xxxx password xxxx

 xauth userid mode local

crypto ipsec client ezvpn easyvpn1

 connect auto

 group unityclient key SEB711NECSI

 local-address GigabitEthernet0/0

 mode network-extension

 peer X.X.X.X

 username XXXX  password XXXX

xauth userid mode local

 exit

!   -------3end------

interface GigabitEthernet0/1

 ip address 10.11.4.145 255.255.255.240

 ip nat inside

 ip virtual-reassembly in

 ip tcp adjust-mss 1452

 crypto ipsec client ezvpn ez2 inside

 crypto ipsec client ezvpn easyvpn1 inside

 no sh

exit

!   -------2end------

!

interface GigabitEthernet0/0

 no sh

 ip address 192.168.10.11 255.255.255.0

 ip nat outside

 ip virtual-reassembly in

 duplex auto

 speed auto

 crypto ipsec client ezvpn ez2

 crypto ipsec client ezvpn easyvpn1

!

!   -------4end------

!

!

ip route 0.0.0.0 0.0.0.0 192.168.10.1

!

!

!

!

!

!

!

line con 0

 exec-timeout 5 0

 logging synchronous

 login local

 no modem enable

line aux 0

 exec-timeout 15 0

 login

line vty 0 4

 exec-timeout 5 0

 privilege level 15

 password cisco

 logging synchronous

 login

 transport input telnet

!

!--------------------------------------------exit

!--------------------------------------------exit

!--------------------------------------------exit

write