IP SEC tunnel configuration required

anil703 · ‎03-05-2014

Hello All

IP SEC tunnel configuration required with these below mention parameters.

create a secure, industry standard ipsec config for the ipsec tunnels

- include all parameters including tunnel encryption, authentication, integrity and key exchange

Regards

Anil K

srprasaad_nj · ‎03-05-2014

Anil

Below is the sample config which can be done on a cisco 887/887 router with PPPoA as physical interface. It really depends on Layer 2 physical interface as well.

There are different ways of impelemting IPSec VPN , you can have GRE over IPSec as well .

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp key XXXXX! address 62.XX.XX.XX

!

crypto ipsec transform-set VPN-ESP-3DES esp-3des esp-sha-hmac

!

crypto map VPNSTANDARD 10 ipsec-isakmp

set peer 62.Xx.XX.XX

set transform-set VPN-ESP-3DES

match address 101

!

interface ATM0

no ip address

no atm ilmi-keepalive

pvc 0/38

encapsulation aal5mux ppp dialer

dialer pool-member 1

!

interface Vlan200

ip address 10.200.1.1 255.255.255.0

!

nterface FastEthernet0

switchport access vlan 200

spanning-tree portfast

!

interface FastEthernet1

switchport access vlan 200

spanning-tree portfast

!

interface Dialer1

ip address negotiated

encapsulation ppp

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap callin

ppp chap hostname

ppp chap password

crypto map VPNSTANDARD

!

ip route 0.0.0.0 0.0.0.0 Dialer1

!

access-list 101 permit ip 10.200.1.0 0.0.0.255 10.130.0.0 0.0.0.255