Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > VPN over My Internet Gateway Interface

Reply
Thread Tools

VPN over My Internet Gateway Interface

 
 
gferragut
Guest
Posts: n/a
 
      08-07-2007
im trying to stablish a VPN peer-to-peer over my internet serial
concection the problem is when i start the vpn all the trafic
between the internet and my lan is down , whan can i do for mount
the vpn over the internet gateway and dont block the internet
connection

im using a 2811 router
Thank you Best Regards

 
Reply With Quote
 
 
 
 
Scott Perry
Guest
Posts: n/a
 
      08-07-2007
Following the ideas of ITIL (Information Technology Infrastructure Library),
I believe the term is site to site VPN meaning that a whole network is being
connected to a whole network over a VPN connection of whatever type is
specified. This is contrast to a RAS VPN where one individual host out in
the world establishes a VPN back to a network.

There are many ways to do a VPN connection and many protocols to do it with.
I am providing a sample of a 3DES encrypted and MD5 hash site to site VPN
connection which uses a crypto map with an address range applied to an
interface, similar to what you mentioned. You need an IOS image such as
Advanced Security, Advanced IP Services, or Advanced Enterprise Services for
this.

---

crypto isakmp policy 10
encr 3DES
hash MD5
authentication pre-share
group 2
!
crypto ipsec transform-set MD5-3DES ah-MD5-hmac esp-3DES
mode transport

---
The above section is the setup for all connections. Below is the specifics
for this connection using the global settings above.
---

crypto isakmp key secretword address 12.2.2.2
!
ip access-list extended vpn-acmeinc
permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
!
crypto map acmeinc 10 ipsec-isakmp
set peer 12.2.2.2
set transform-set MD5-3DES
match address vpn-acmeinc
!
interface Serial0
crypto map acmeinc
!
ip route 192.168.2.0 255.255.255.0 Serial0

--

===========
Scott Perry
===========
Indianapolis, Indiana
________________________________________
"gferragut" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> im trying to stablish a VPN peer-to-peer over my internet serial
> concection the problem is when i start the vpn all the trafic
> between the internet and my lan is down , whan can i do for mount
> the vpn over the internet gateway and dont block the internet
> connection
>
> im using a 2811 router
> Thank you Best Regards
>



 
Reply With Quote
 
 
 
 
Scott Perry
Guest
Posts: n/a
 
      08-07-2007
I belive the actual term is site-to-site VPN, not peer-to-peer. My
criticism is only to ensure accuracy so that we are all speaking in the same
terms. I think that is why the ITIL system was started.

crypto isakmp policy 10
encr 3DES
hash MD5
authentication pre-share
group 2
!
crypto ipsec transform-set MD5-3DES ah-MD5-hmac esp-3DES
mode transport
!
crypto isakmp key secretword address 12.2.2.2
crypto map acmeinc 10 ipsec-isakmp
set peer 12.2.2.2
set transform-set MD5-3DES
match address vpn-acmeinc
!
interface Serial0
crypto map acmeinc
!
ip access-list extended vpn-acmeinc
permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
!
ip route 192.168.2.0 255.255.255.0 Serial0


--

===========
Scott Perry
===========
Indianapolis, Indiana
________________________________________
"gferragut" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) oups.com...
> im trying to stablish a VPN peer-to-peer over my internet serial
> concection the problem is when i start the vpn all the trafic
> between the internet and my lan is down , whan can i do for mount
> the vpn over the internet gateway and dont block the internet
> connection
>
> im using a 2811 router
> Thank you Best Regards
>



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VOIP over VPN over TCP over WAP over 3G Theo Markettos UK VOIP 2 02-14-2008 03:27 PM
VPN Client is assigning the same IP Address to both the interface andthe default gateway. dnash Cisco 0 01-02-2008 03:03 PM
VPN Client is assigning the same IP Address to both the interface andthe default gateway. dnash Cisco 0 01-02-2008 03:02 PM
VPN site to site & Remote access VPN ( vpn client) over the same interface pasatealinux Cisco 1 12-17-2007 07:41 PM
Edit Primary Gateway To Send Internet Traffic To Secondary Gateway Frank Cisco 3 09-30-2004 04:51 AM



Advertisments