cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
708
Views
0
Helpful
4
Replies

IPSEC between 2611 and Win7 (within LAN)

ncciscouser
Level 1
Level 1

Hi,

i want to encrypt all traffic between a host (WIN7) and its default gateway (2611).

Could you please show me any configuration examples?

I think it should work with Transport mode encryption.

Thanks!

4 Replies 4

Hi,

If the endpoints of the protected traffic are both the host and the 2611 (as you mentioned) you can use transport mode.

You need to configure the 2611 as an EzVPN server to accept IPsec VPN from the PC. (with the difference of applying the crypto map to the ''inside'' interface).

Here's a link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800949ba.shtml

Hope it helps.


Federico.

hi thanks for your info so far, do i need the cisco VPN Client software?

1.Shouldnt this work with Win7 IPSEC stack natively?

2.A dhcp pool from the ios router shouldnt be needed too, since iam not tunneling iam going for transport mode ?

Thanks.

1. If you use PPTP or L2TP/IPsec both uses native VPN on windows (no need for VPN client software).

2. In theory there's no need for pool, however all configs I've seen still uses a pool for VPN.

Hope it helps.

Federico.

Hi works like a charm, no dhcp pool needed, can be achieved with Windows IPSEC Security Policy.

Import is setting transport mode in transform set / crypto map.