VPN Configuration Example on a Cisco C1111 8P

P.W.B. · ‎12-07-2021

I need to terminate a VPN connection in a Cisco C1111 8P, where I have the information below and would like a configuration example.

Enabled = Yes
Enable perfect forward secrecy = Yes
Name = [name]
Local Id = Local IP
Local Endpoint = 1.2.3.4
Local Subnets = Local Subnets IP
Peer Id = Remote IP
Peer Endpoint = 1.1.1.1
Peer Subnets = 0.0.0.0/0
Encryption Algorithm = AES-GCM
Authentication = PSK
Change Shared Key = No
Pre-Shared Key = [key]
Display Shared Key = No
Diffie_Hellman Group = DH16
Digest Algorithm = SHA-256
IKE Option = IKEv2
IKE Responder Only = No
Session Type = Policy Based Session

Thanks in advance

marce1000 · ‎12-07-2021

- Check the configuration-examples mentioned in this thread :

https://community.cisco.com/t5/routing/c1111-8p-ipsec-site-to-site-vpn/m-p/3819972

M.

-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

P.W.B. · ‎12-09-2021

Thanks for your help.

I'm still not quite sure how the CLI commands refer to the data I've got form the Edge Gateway.

In the configuration example you refer to there are some commands that confuse me:

"group 14" is that the Diffie Hellman Group ?

Where do I set the Digest Algorithm (i.e. SHA-256) ?

Where do I set the IKE option ?

Georg Pauwen · ‎12-09-2021

Hello,

can you post the (running) configuration of your router with what you have configured so far ?

P.W.B. · ‎12-10-2021

The router is brand new and I haven't received it yet, so it just the default configuration.

Thanks.