Re: Hub to spoke Sites: Site to multisite connection on 1841 Cis

Jigar Dave · ‎03-18-2011

I need some idea how I can go about this.

giving some more info.

# already on Ho 1841 router client VPN set up is running. but I need to run site-to-site VPN on same 1841 router #

at HO we have 1841 router, we have 10 field offices, these field offices will be having internet public IP and connecting to HO via internet

I want to configure site to site VPN connection to pull traffic from field offices to HO in secure tunnel.

I have public IP on HO router and all field offices are having public IP.

I have following idea

1. at every field office, I need to create crypto map, IKE parameters, interesting traffic towards HO

2. in HO router - I need to create crypto map, IKE parameter

but here I am stopping, I dont know what configuration needs to be in HO(hub) router to connect to every field office - should I need to configure different crypto-map on HO router? all field office have different public IP so how I can accomodate them in HO?

Thanks in advance

Jigar

Kishore Chennupati · ‎03-18-2011

Hi Jigar,

One crypto map at the HO should be enough.Please find below a sample config that you need to put on your HO

crypto isakmp policy 10

encr aes

authentication pre-share

group 2

crypto isakmp key abcd1234 address 203.1.1.2

!

crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac

!

crypto map CRYPTO_MAP_1 10 ipsec-isakmp

set peer 203.1.1.2

set transform-set ESP-AES-128-SHA

match address 100

crypto map CRYPTO_MAP_1 20 ipsec-isakmp

set peer 202.14.1.5

set transform-set ESP-AES-128-SHA

match address 100

interface fa0/1

crypto map CRYPTO_MAP_1

HTH

Regards,

Kishore

PLease rate if helpful

Hub to spoke Sites: Site to multisite connection on 1841 Cisco router