04-18-2016 03:32 PM - edited 03-12-2019 12:38 AM
04-18-2016 03:32 PM
Sorry I was not able to create this case, I had to remove the code.
Trying to paste the commands
access-list BRANCH1 remark BRANCH1_TUNNEL
access-list BRANCH1 permit ip 172.1.1.0 255.255.255.0 192.100.0.0 255.255.255.0
access-list BRANCH2 remark BRANCH2_TUNNEL1
access-list BRANCH2 permit ip 172.1.1.0 255.255.255.0 10.1.10.0 255.255.255.0
access-list BRANCH2 remark BRANCH2_TUNNEL2
access-list BRANCH2 permit ip 192.168.255.0 255.255.255.0 10.1.10.0 255.255.255.0
access-list CLIENT1 remark CLIENT_TUNNEL
access-list CLIENT1 permit ip 172.1.1.0 255.255.255.0 10.40.0.0 255.255.0.0
sysopt connection permit-ipsec
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto map outside_map 5 ipsec-isakmp
crypto map outside_map 5 match address BRANCH1
crypto map outside_map 5 set peer 1.1.4.3
crypto map outside_map 5 set transform-set ESP-3DES-SHA
crypto map outside_map 190 ipsec-isakmp
crypto map outside_map 190 match address BRANCH2
crypto map outside_map 190 set peer 7.1.2.2
crypto map outside_map 190 set transform-set ESP-3DES-MD5
crypto map outside_map 190 set security-association lifetime seconds 3600 kilobytes 536870912
crypto map outside_map 210 ipsec-isakmp
crypto map outside_map 210 match address CLIENT1
crypto map outside_map 210 set peer 2.1.1.2
crypto map outside_map 210 set transform-set ESP-AES-256-SHA
crypto map outside_map 210 set security-association lifetime seconds 5400 kilobytes 4608000
crypto map outside_map interface outside
isakmp enable outside
isakmp key presharedpass1 address 1.1.4.3 netmask 255.255.255.255 no-xauth
isakmp key presharedpass2 address 7.1.2.2 netmask 255.255.255.255 no-xauth no-config-mode
isakmp key presharedpass3 address 2.1.1.2 netmask 255.255.255.255 no-xauth no-config-mode
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash sha
isakmp policy 10 group 2
isakmp policy 10 lifetime 86400
isakmp policy 30 authentication pre-share
isakmp policy 30 encryption 3des
isakmp policy 30 hash md5
isakmp policy 30 group 2
isakmp policy 30 lifetime 86400
isakmp policy 35 authentication rsa-sig
isakmp policy 35 encryption des
isakmp policy 35 hash sha
isakmp policy 35 group 1
isakmp policy 35 lifetime 86400
isakmp policy 90 authentication pre-share
isakmp policy 90 encryption des
isakmp policy 90 hash md5
isakmp policy 90 group 2
isakmp policy 90 lifetime 86400
isakmp policy 110 authentication pre-share
isakmp policy 110 encryption 3des
isakmp policy 110 hash sha
isakmp policy 110 group 1
isakmp policy 110 lifetime 86400
isakmp policy 130 authentication pre-share
isakmp policy 130 encryption 3des
isakmp policy 130 hash md5
isakmp policy 130 group 1
isakmp policy 130 lifetime 86400
isakmp policy 150 authentication pre-share
isakmp policy 150 encryption aes-256
isakmp policy 150 hash sha
isakmp policy 150 group 5
isakmp policy 150 lifetime 28800
isakmp policy 190 authentication pre-share
isakmp policy 190 encryption 3des
isakmp policy 190 hash sha
isakmp policy 190 group 5
isakmp policy 190 lifetime 7800
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: