Solved: Re: IPSEC TUNNEL CONFIGRATION

himanshudwivedi · ‎11-29-2021

I am trying to setup a IPSEC between R1 and R3. Configured the IP Address as per below snapshot, and IP SEC Session is up and data is flowing encrypted. But As soon as I enable Crypto Map on interface , R1 to R2 and R3 to R2 become unreachable. Please check the attached config and suggest

Rob Ingram · ‎11-29-2021

@himanshudwivedi other than adding "crypto map IPSEC" to the external interfaces nothing has changed. You still need to follow the suggestion above.

View solution in original post

MHM Cisco World · ‎11-30-2021

because the traffic now is tunnel and hide from R2, this is why IPSec use in Internet to make all other not seen the traffic between two peer.

View solution in original post

Rob Ingram · ‎11-29-2021

@himanshudwivedi you've only configured 1 interface on both R3 and R1, you need to define inside interfaces or loopbacks. You then configure your ACL to encrypt traffic between the local inside network(s) or loopback and the remote networks (not permit any any as you are currently doing). Once the crypto map is enabled on the egress interface, any traffic matching the ACL will be encrypted and sent over the VPN tunnel.

himanshudwivedi · ‎11-29-2021

There was some wrong Attachment uploaded, please check the latest attachment.

Rob Ingram · ‎11-29-2021

@himanshudwivedi other than adding "crypto map IPSEC" to the external interfaces nothing has changed. You still need to follow the suggestion above.

himanshudwivedi · ‎12-01-2021

yes it worked

MHM Cisco World · ‎11-30-2021

because the traffic now is tunnel and hide from R2, this is why IPSec use in Internet to make all other not seen the traffic between two peer.