Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
816
Views
2
Helpful
2
Replies

IPSec Site-to-Site VPN Configuration in Packet Tracer

Go to solution
Heba1
Level 1
Level 1

‎12-08-2024 10:24 AM

I am working on a VPN configuration in Packet Tracer, specifically implementing an IPSec site-to-site VPN. The setup involves four edge routers, each with two serial connections, and the goal is to establish a tunnel between each edge router and the others.

However, I am facing a limitation in Packet Tracer where only one crypto map can be applied to each interface. I've tried creating one map with different policies, but we continue to encounter issues with pinging between to initiate the interesting traffic and this only happens with the VPN.

Could anyone please advise if there is a workaround for this limitation in Packet Tracer? Or, if there’s a specific configuration method I may have overlooked, I would greatly appreciate the guidance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎12-08-2024 12:01 PM

Hello @Heba1 

You could configure multiple entries within the same crypto map. Each entry can define a separate peer and access list to specify the "interesting traffic" for different VPN tunnels:

crypto map VPN-MAP 10 ipsec-isakmp
set peer 192.168.1.1
set transform-set TRANSFORM-SET
match address ACL1

crypto map VPN-MAP 20 ipsec-isakmp
set peer 192.168.2.1
set transform-set TRANSFORM-SET
match address ACL2

interface serial 0/0/0
crypto map VPN-MAP

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

2 Replies 2

Go to solution
M02@rt37
VIP
VIP

‎12-08-2024 12:01 PM

Hello @Heba1 

You could configure multiple entries within the same crypto map. Each entry can define a separate peer and access list to specify the "interesting traffic" for different VPN tunnels:

crypto map VPN-MAP 10 ipsec-isakmp
set peer 192.168.1.1
set transform-set TRANSFORM-SET
match address ACL1

crypto map VPN-MAP 20 ipsec-isakmp
set peer 192.168.2.1
set transform-set TRANSFORM-SET
match address ACL2

interface serial 0/0/0
crypto map VPN-MAP

 

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

Go to solution
Flavio Miranda
VIP
VIP

‎12-08-2024 12:29 PM

@Heba1 

 As far as I know PacketTracer will not support hub and spoke for VPN.  One tunnel will not come UP.

If you check the PacketTracer samples cisco provide within PacketTracer installation, there will no such scenario

Customers Also Viewed These Support Documents