Greetings,
I am requesting assistance from the engineering community in implementing a VPN solution within my business environment. I have attached the topology for your review. Essentially what I am trying to implement is a secure VPN solution using cryptographic encryption (AES 256) with (2) 3945 Cisco routers over a DHCP-enabled ISP. These routers have a licensed securityK9 configuration.
Router1/Router2
Username (username) password secret 5 (password)
!
Crypto isakmp policy 1
Encryption aes256
Authentication pre-share
Group 2
Lifetime 480
!
Crypto isakmp client configuration
Key secret password
Domain (domain)
!
Crypto ipsec transform-set vpn1 esp-aes 256 esp-aes-hmac
!
Crypto ipsec security-association lifetime seconds 86400
!
Crypto dynamic-map dynmap 1
Set transform-set vpn1
Reverse-route
!
crypto map static-map 1 ipsec-isakmp dynamic dynmap
crypto map dynmap isakmp authorization list rtr-remote
crypto map dynmap client configuration address respond
crypto ipsec client ezvpn ezvpnclient
connect auto
group 2 key secret-password
mode client
peer (public DHCP IP)
crypto ipsec client ezvpn ezvpnclient outside
crypto map static-map
!
!
int gi0/0
ip add DHCP
crypto ipsec client ezvpn ezvpnclient outside
crypto map static-map
!
no shut
interface tunnel 100
ip address (a private business address)
tunnel source gi0/0
tunnel destination (whatever IP that Router 2 receives from its ISP modem, which is a public IP address)
no shut
Any assistance would be greatly appreciated. Thank you and have a great night.
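
An added example, not part of the original post: a small Python check that reads the IKE policy and transform-set lines of a configuration like the one above and reports Diffie-Hellman groups below a chosen strength and transform keywords IOS would not recognise. The keyword list, the 2048-bit threshold and the name `audit` are assumptions made for this example, and the sample is built from the lines quoted in the post.

```python
import re

# DH (MODP) group number -> modulus size in bits (RFC 2409 / RFC 3526).
MODP_BITS = {1: 768, 2: 1024, 5: 1536, 14: 2048, 15: 3072, 16: 4096}
# IOS transform-set keywords as assumed for this example; verify per release.
TRANSFORMS = {
    "ah-md5-hmac", "ah-sha-hmac", "ah-sha256-hmac", "ah-sha384-hmac",
    "ah-sha512-hmac", "esp-des", "esp-3des", "esp-aes", "esp-gcm", "esp-gmac",
    "esp-null", "esp-seal", "esp-md5-hmac", "esp-sha-hmac", "esp-sha256-hmac",
    "esp-sha384-hmac", "esp-sha512-hmac", "comp-lzs",
}
# Constructed sample: the phase 1 / phase 2 lines from the post above.
SAMPLE = """\
Crypto isakmp policy 1
Encryption aes256
Authentication pre-share
Group 2
Lifetime 480
!
Crypto ipsec transform-set vpn1 esp-aes 256 esp-aes-hmac
"""

def audit(config, min_dh_bits=2048):
    """Return (line_no, message) findings for IKE policy and transform-set lines."""
    findings, in_policy = [], False
    for no, raw in enumerate(config.splitlines(), 1):
        line = raw.strip().lower()  # IOS keywords are case-insensitive
        if line.startswith("crypto isakmp policy"):
            in_policy = True
            continue
        if line == "!" or line.startswith(("crypto ", "interface ", "int ")):
            in_policy = False  # left the policy sub-mode
        m = re.fullmatch(r"group (\d+)", line)
        if in_policy and m:
            bits = MODP_BITS.get(int(m.group(1)))
            if bits is not None and bits < min_dh_bits:
                findings.append((no, f"DH group {m.group(1)} is {bits}-bit MODP"))
        m = re.match(r"crypto ipsec transform-set (\S+) (.+)", line)
        if m:
            # Bare numbers are key sizes for the preceding cipher (esp-aes 256).
            words = [w for w in m.group(2).split() if not w.isdigit()]
            for w in words:
                if w not in TRANSFORMS:
                    findings.append((no, f"unknown transform '{w}'"))
            ok = "esp-gcm" in words or any(
                w in TRANSFORMS and w.endswith("-hmac") for w in words)
            if not ok:
                findings.append((no, f"transform-set '{m.group(1)}' has no valid integrity transform"))
    return findings
```
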