TCC_2

Core issue

This document describes how to match more than one access-list to a single crypto peer.

Resolution

To accomplish this, add a new match address to the current match addresses in the VPN configuration.

The new match addresses are configured through access-lists.

This configuration example shows the current match address on the router and how to add the new access-list entries:

crypto map green-vpn 10 ipsec-isakmp
 set peer 10.46.10.190
 set transform-set tns
 set pfs group2
 match address 190

Router(config)#do show access-list
!--- Displays the access-lists
Extended IP access list 190
  10 permit ip host 10.66.146.146 192.168.20.0 0.0.1.255

In order to add a new network to the current match addresses, enter the access-list entry with a new line number:

Router(config)#ip access-list extended 190
!--- Enters access-list configuration mode on the router, where modifications can be made
Router(config-ext-nacl)#15 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

Router(config-ext-nacl)#do show access-list 190
Extended IP access list 190
  10 permit ip host 10.66.146.146 192.168.20.0 0.0.1.255
  15 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
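
Crypto access-lists on the two IPsec peers are normally configured as mirror images of each other, so the entry added above needs a counterpart on the remote peer. The following is an added example, not part of the original document: it parses the `show access-list 190` output above and produces the mirrored entries. The function names are hypothetical, reusing ACL number 190 on the remote peer is an assumption, and only `permit`/`deny ip` entries with `any`, `host A` or `A WILDCARD` operands are handled.

```python
import ipaddress
import re

# "show access-list 190" output as shown on this page.
SHOW_ACL = """\
Extended IP access list 190
  10 permit ip host 10.66.146.146 192.168.20.0 0.0.1.255
  15 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
"""

ENTRY = re.compile(r"^\s*(\d+)\s+(permit|deny)\s+ip\s+(.+)$")
COUNTERS = re.compile(r"\s*\(\d+ match(es)?\)\s*$")  # hit counters IOS may append


def take_operand(tokens, seq):
    """Consume one address operand: 'any', 'host A' or 'A WILDCARD'."""
    if tokens and tokens[0] == "any":
        return ["any"], tokens[1:]
    if len(tokens) < 2:
        raise ValueError(f"entry {seq}: incomplete address operand")
    operand, rest = tokens[:2], tokens[2:]
    # 'host' is a keyword; every other token must be a dotted-quad value.
    values = operand[1:] if operand[0] == "host" else operand
    for value in values:
        ipaddress.IPv4Address(value)  # raises ValueError on malformed input
    return operand, rest


def mirror_acl(show_output):
    """Return (sequence, entry) tuples with source and destination swapped."""
    mirrored = []
    for line in show_output.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header line, or not a "permit/deny ip" entry
        seq, action, rest = m.groups()
        tokens = COUNTERS.sub("", rest).split()
        src, tokens = take_operand(tokens, seq)
        dst, tokens = take_operand(tokens, seq)
        if tokens:  # e.g. "log": refuse rather than silently drop it
            raise ValueError(f"entry {seq}: unsupported keywords {tokens}")
        mirrored.append((int(seq), f"{action} ip {' '.join(dst + src)}"))
    return mirrored


def render(acl_id, entries):
    """Format mirrored entries as configuration lines for the remote peer."""
    return "\n".join([f"ip access-list extended {acl_id}"]
                     + [f" {seq} {text}" for seq, text in entries])


if __name__ == "__main__":
    print(render(190, mirror_acl(SHOW_ACL)))  # 190 on the remote peer is an assumption
```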
