03-20-2017 10:33 AM
Following this link https://courses.cs.ut.ee/MTAT.08.004/2016_spring/uploads/Main/37_1.pdf , I was able to successfully create a vpn. However I was wondering if you could add another router between r0 r1
I tried it and it does not work
03-20-2017 11:16 AM
Your link is not available outside your UT environment. So putting on the magic guessing hat I would troubleshoot as follows.
1. Prove connectivity between your 2 VPN devices. This can be accomplished with a ping. No connectivity is likely a routing issue. You don't have to have routes to the inside networks but r1 must be able to see r2.
2. Check the routing device you inserted for NAT. You may get a failure in IPSec if you are traversing a NAT device (ESP does not work with stateful inspection unless you use NAT traversal)
I'd bet on #1
03-21-2017 08:38 AM
Is that configuration possible?
[IMG]http://i64.tinypic.com/4rt353.jpg[/IMG]
I used these commands to the routers:
R0(config)# crypto isakmp policy 10
R0(config-isakmp)# encryption aes
R0(config-isakmp)# authentication pre-share
R0(config-isakmp)# group 2
R0(config-isakmp)# exit
R0(config)# crypto isakmp key cisco address 10.2.2.1
R0(config)# crypto ipsec transform-set VPN-SET esp-3des esp-sha-hmac
R0(config)# crypto map VPN-MAP 10 ipsec-isakmp
R0(config-crypto-map)# description VPN connection to R2
R0(config-crypto-map)# set peer 10.2.2.1
R0(config-crypto-map)# set transform-set VPN-SET
R0(config-crypto-map)# match address 110
R0(config-crypto-map)# exit
Without the fourth router it works perfectly, but when I add the fourth doesn't work anymore.
Thank you for the reply
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide