Anil
Below is the sample config which can be done on a cisco 887/887 router with PPPoA as physical interface. It really depends on Layer 2 physical interface as well.
There are different ways of impelemting IPSec VPN , you can have GRE over IPSec as well .
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key XXXXX! address 62.XX.XX.XX
!
!
crypto ipsec transform-set VPN-ESP-3DES esp-3des esp-sha-hmac
!
crypto map VPNSTANDARD 10 ipsec-isakmp
set peer 62.Xx.XX.XX
set transform-set VPN-ESP-3DES
match address 101
!
interface ATM0
no ip address
no atm ilmi-keepalive
pvc 0/38
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface Vlan200
ip address 10.200.1.1 255.255.255.0
!
nterface FastEthernet0
switchport access vlan 200
spanning-tree portfast
!
interface FastEthernet1
switchport access vlan 200
spanning-tree portfast
!
interface Dialer1
ip address negotiated
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap callin
ppp chap hostname
ppp chap password
crypto map VPNSTANDARD
!
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 101 permit ip 10.200.1.0 0.0.0.255 10.130.0.0 0.0.0.255