Hello,
here are the basic configs, IP addressing is arbitrary:
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Site1
!
enable password cisco
!
no ip name-server
!
isdn switch-type basic-net3
pots country US
!
ip subnet-zero
no ip domain-lookup
ip routing
!
crypto isakmp enable
crypto isakmp identity address
!
crypto isakmp policy 1
encryption des
hash md5
authentication pre-share
group 1
lifetime 86400
crypto isakmp key cisco address 192.168.2.1
!
crypto ipsec transform-set cm-transformset-1 ah-md5-hmac esp-des esp-md5-hmac
crypto map cm-cryptomap local-address Dialer 1
!
crypto map cm-cryptomap 1 ipsec-isakmp
match address 100
set peer 192.168.2.1
set transform-set cm-transformset-1
set security-association lifetime seconds 3600
set security-association lifetime kilobytes 4608000
!
interface Dialer 1
description connected to Site2
crypto map cm-cryptomap
ip address 192.168.2.2 255.255.255.252
no ip split-horizon
encapsulation ppp
dialer-pool 1
dialer idle-timeout 120
dialer string xxx
dialer hold-queue 10
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname cisco
ppp chap password password
ppp pap sent-username cisco password password
no ppp multilink
no cdp enable
!
interface Ethernet 0
ip address 172.16.1.1 255.255.255.0
!
interface BRI 0
no shutdown
description connected to Site2
no ip address
dialer pool-member 1
!
dialer-list 1 protocol ip permit
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 Dialer 1
no ip http server
!
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password cisco
login
!
line vty 0 4
password cisco
login
!
end
----------------------------------
!
service timestamps debug uptime
service timestamps log uptime
service password-encryption
no service tcp-small-servers
no service udp-small-servers
!
hostname Site2
!
enable password cisco
!
no ip name-server
!
isdn switch-type basic-net3
pots country US
!
ip subnet-zero
no ip domain-lookup
ip routing
!
crypto isakmp enable
crypto isakmp identity address
!
crypto isakmp policy 1
encryption des
hash md5
authentication pre-share
group 1
lifetime 86400
crypto isakmp key cisco address 192.168.2.2
!
crypto ipsec transform-set cm-transformset-1 ah-md5-hmac esp-des esp-md5-hmac
crypto map cm-cryptomap local-address Dialer 1
!
crypto map cm-cryptomap 1 ipsec-isakmp
match address 100
set peer 192.168.2.2
set transform-set cm-transformset-1
set security-association lifetime seconds 3600
set security-association lifetime kilobytes 4608000
!
interface Dialer 1
description connected to Site1
crypto map cm-cryptomap
ip address 192.168.2.1 255.255.255.252
no ip split-horizon
encapsulation ppp
dialer pool 1
dialer idle-timeout 120
dialer string xxx
dialer hold-queue 10
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname cisco
ppp chap password password
ppp pap sent-username cisco password password
no ppp multilink
no cdp enable
!
interface Ethernet 0
ip address 172.16.2.1 255.255.255.0
!
interface BRI 0
description connected to Site1
no ip address
dialer pool-member 1
!
dialer-list 1 protocol ip permit
!
ip classless
!
ip route 0.0.0.0 0.0.0.0 Dialer 1
no ip http server
!
snmp-server community public RO
no snmp-server location
no snmp-server contact
!
line console 0
exec-timeout 0 0
password cisco
login
!
line vty 0 4
password cisco
login
!
end
Let me know if you are having problems getting this to work...
Regards,
GP
