Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > router to router vpn ~ HELP

Reply
Thread Tools

router to router vpn ~ HELP

 
 
umiseaz umiseaz is offline
Junior Member
Join Date: May 2009
Posts: 1
 
      05-25-2009
hi all,

i want to do simulation of end to end vpn
i prepare 2 x cisco 2811 router + 1 x catalyst 3750 switch

topology

fa0/1(LAN - 10.1.1.1)->router 1->fa0/0 (WAN - 1.1.1.2)~~~(3750 switch act as internet cloud)~~~fa0/0 (WAN 2.2.2.2)<-router 2<-fa0/1 (LAN - 192.168.1.1)


----------------------------------------------------------------------
i have configure the routers and switch but the ipsec is not up

router1#sh crypto isakmp sa
dst src state conn-id slot status

router1#

----------------------------------------------------------------------------

pls see the attach config below.

hostname router1
!
crypto isakmp enable
!
crypto isakmp policy 10
encr 3des
authentication pre-share
lifetime 28800
crypto isakmp key cisco address 2.2.2.2
!
crypto ipsec transform-set User-Define-Tunnel esp-3des esp-sha-hmac
!
crypto map Testing 1 ipsec-isakmp
set peer 2.2.2.2
set security-association lifetime seconds 900
set transform-set User-Define-Tunnel
set pfs group1
match address 101
!
interface FastEthernet0/0
description --- outside - WAN ---
ip address 1.1.1.2 255.0.0.0
no shut
duplex auto
speed auto
crypto map Testing
!
interface FastEthernet0/1
description --- inside - LAN ---
ip address 10.1.1.1 255.255.255.0
no shut
no keepalive
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 1.1.1.1
!
access-list 101 remark --- ACL for customer traffic from router 2 to router 1
access-list 101 permit ip 10.1.1.0 0.0.0.255 192.168.1.0 0.0.0.255

-----------------------------------------------------------------------------------------------------

hostname router2
!
crypto isakmp enable
!
crypto isakmp policy 10
encr 3des
authentication pre-share
lifetime 28800
crypto isakmp key cisco address 1.1.1.2
!
crypto ipsec transform-set User-Define-Tunnel esp-3des esp-sha-hmac
!
crypto map Testing 1 ipsec-isakmp
set peer 1.1.1.2
set security-association lifetime seconds 900
set transform-set User-Define-Tunnel
set pfs group1
match address 101
!
interface FastEthernet0/0
description --- outside - WAN ---
ip address 2.2.2.2 255.0.0.0
no shut
duplex auto
speed auto
crypto map Testing
!
interface FastEthernet0/1
description --- inside - LAN ---
ip address 192.168.1.1 255.255.255.0
no shut
no keepalive
duplex auto
speed auto
!
ip route 0.0.0.0 0.0.0.0 2.2.2.1
!
access-list 101 remark --- ACL for customer traffic from router 2 to router 1 ---
access-list 101 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

---------------------------------------------------------------------------------------------------------------

hostname internet_clould
!
!
no aaa new-model
switch 2 provision ws-c3750-24ts
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
interface FastEthernet2/0/1
switchport access vlan 100
!
interface FastEthernet2/0/2
switchport access vlan 200
!
interface Vlan1
no ip address
shutdown
!
interface Vlan100
ip address 1.1.1.1 255.0.0.0
!
interface Vlan200
ip address 2.2.2.1 255.0.0.0
!
ip classless
ip route 10.1.1.0 255.255.255.0 1.1.1.2
ip route 192.168.1.0 255.255.255.0 2.2.2.2
ip http server
!
!
!
control-plane
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN site to site & Remote access VPN ( vpn client) over the same interface pasatealinux Cisco 1 12-17-2007 07:41 PM
Vpn 3020 and linksys vpn router black42@gmail.com Cisco 0 12-22-2004 05:42 AM
endpoint vpn router to endpoint vpn router problem Mike Doty Cisco 1 10-02-2004 07:41 PM
site-to-site VPN router to PIX VPN tical Cisco 3 05-27-2004 09:00 PM
Cisco vpn server enabled / VPN and no-VPN connections mix Elise Cisco 6 05-22-2004 07:55 AM



Advertisments