09-28-2008 08:43 PM - edited 03-06-2019 01:38 AM
Dear All,
I need config support for establishing a tunnel
RouterA--PE--My Cloud--Internet Cloud--RouterB
I want to create tunnel between RouterA and RouterB. Ultimately it is tunnel between two router connected via Internet
Hope you understand my requirement
As it is internet so remember I have option of static or BGP only
Please help
Mahesh
09-28-2008 09:22 PM
Hi,
Find below IPSec Tunnel configuration.
Router A
--------------------------------------
crypto isakmp policy 10
encryption aes 256
authentication pre-share
*****preshare for opposite peer w.x.y.z*******
crypto isakmp key cisco123 address w.x.y.z
crypto ipsec transform-set aesset esp-aes 256 esp-sha-hmac
crypto map aesmap 10 ipsec-isakmp
set peer w.x.y.z
set transform-set aesset
match address acl_vpn
interface FastEthernet0
description***outside/wan interface*****
ip address a.b.c.d x.x.x.x
crypto map aesmap
***set static route to RouterB LAN*******
ip route x.x.x.x x.x.x.x FastEthernet0
*****set encrypted traffic from RouterA LAN to RouterB LAN*****
ip access-list extended acl_vpn
permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255
------------------------------------------------
Router B
______________________________________________
crypto isakmp policy 10
authentication pre-share
crypto isakmp key cisco123 address a.b.c.d
crypto ipsec transform-set aesset esp-aes 256 esp-sha-hmac
crypto map aesmap 10 ipsec-isakmp
set peer a.b.c.d
set transform-set aesset
match address acl_vpn
interface FastEthernet0
ip address w.x.y.z x.x.x.x
crypto map aesmap
****set static route to RouterA LAN*****
ip route x.x.x.x x.x.x.x FastEthernet0
****Set encrypted traffic from RouterB LAN to RouterA LAN*****
ip access-list extended acl_vpn
permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255
____________________________________________
HTH...rate if helpful..
09-28-2008 09:23 PM
u need at leat one public IP addres if two better
and just configure IPsec vpn site-to-site
which is secure and dose the job for u as wanted
for config have a look at the folloing link:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml
good luck
if helpful Rate
09-28-2008 10:26 PM
Ok let me work on it . will rate it later
Thanks Guys
Bye
mahesh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide