Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2518
Views
0
Helpful
3
Replies

What is the correct IOS to do IPsec VPN on Cisco 2811?

Go to solution
closer152634
Level 1
Level 1

‎03-17-2016 10:01 PM - edited ‎03-05-2019 03:35 AM

Hi Team,

I have two Cisco router(2811) between 2 location datacenter. Lets name is as A & B. Both connection is using Point to Point leased line to establish connection. But recently, the Point-to-point leased line is down, and im not able to access the router in B connection from outside public IP. So right now, my task is to establish a second tunnel between this 2 router using a PPOE connection. So my question is:

1. How can i verify my running IOS in both router can support IPsec connection?

Current IOS is = System image file is "flash:c2800nm-adventerprisek9-mz.151-1.XB.bin"

License Info:

License UDI:

-------------------------------------------------
Device# PID SN
-------------------------------------------------
*0 CISCO2811 FHK0951F0Q3

2. What is the routing configuration that i need to add in both router?

Labels:
Preview file
156 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Bradfield
Level 6
Level 6

‎03-17-2016 11:09 PM

advanced enterprise should support vpn, a quick check is to see if you can do "crypto" commands

this link should give you an idea of the configuration

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/22340-vpn-pppoe.html

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Richard Bradfield
Level 6
Level 6

‎03-17-2016 11:09 PM

advanced enterprise should support vpn, a quick check is to see if you can do "crypto" commands

this link should give you an idea of the configuration

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/22340-vpn-pppoe.html

0 Helpful

Go to solution
closer152634
Level 1
Level 1
In response to Richard Bradfield

‎03-24-2016 09:22 AM

Hi Richard,

Thanks for your feedback. But I need to clarify 1 more question, If my router B have Dynamic PPPoe connection (not a FIX Public IP), and my router A have Fix Public IP, how can i establish a tunnel between them? Do i need to use DDNS in my router B?

And 2nd question, let say for my first routing in router A i point to leased line interface to router B, how can i make my second routing will go through to PPPoe Ipsec VPN that I've created, in case the primary leased line is down? below is the ip route configuration in my router A.

ip route 0.0.0.0 0.0.0.0 122.0.17.97
ip route 0.0.0.0 0.0.0.0 122.0.17.105 2
ip route 10.0.0.0 255.0.0.0 192.168.0.1 (this is the p2p routing)

0 Helpful

Go to solution
Richard Bradfield
Level 6
Level 6
In response to closer152634

‎03-24-2016 04:02 PM

Please see this old document for dynamic to static VPN, might be pertinent in your case.

http://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/14131-ios-804.html

Re second question by using IP SLA and EEM scripts you can control the traffic

Use SLA to ping the remote end of your leased line. if it goes down then use an EEM script to change the default route thru the VPN

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card