Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Cisco VPN with Site to Site and Remote Access

Reply
Thread Tools

Cisco VPN with Site to Site and Remote Access

 
 
rustysyate rustysyate is offline
Junior Member
Join Date: May 2012
Posts: 1
 
      05-03-2012
This is the first time for me to work with Cisco Router.
The below mentioned is my configuration where
Cisco Srv is Cisco 7200 Series Router XYZ is one VPN Server running on Linux. RAC is the Remote Access VPN Client
| RAC |-----> | XYZ | ===== | Cisco Srv |

HTML Code:
The configuration for the Cisco Srv: no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service internal
!
hostname Cisco7200
!
aaa new-model
!
!
aaa authorization network hw-client-groupname local
aaa session-id common
enable password cisco
!
memory-size iomem 16
clock timezone - 0 6
ip subnet-zero
no ip source-route
!
!
ip domain-name cisco.com
!
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp client configuration address-pool local dynpool
!
crypto isakmp client configuration group hw-client-groupname
key hw-client-password
dns 30.30.30.10 30.30.30.11
wins 30.30.30.12 30.30.30.13
domain cisco.com
pool dynpool

crypto isakm profile VPNclient
description VPN clients profile
match identity group hw-client-groupname
isakmp authorization list hw-client-groupname
client configuration address respond

crypto ipsec transform-set transform-1 esp-3des esp-sha-hmac
crypto dynamic-map vpnclient 1
set transform-set transform-1
set isakmp-profile VPNclient
reverse-route
!
crypto isakmp policy 10
encr aes 256
hash sha
authentication pre-share
group 2

crypto isakmp key somestrongkey address 0.0.0.0 0.0.0.0

crypto ipsec transform-set ts esp-aes 256 esp-sha-hmac

ip access-list extended vpn
deny ip 192.168.1.22 255.255.255.255 20.1.1.0 255.255.255.0
permit ip 192.168.1.22 255.255.255.225 any
crypto dynamic-map vpndynamic 10
set transform-set ts
match address vpn
reverse-route 

crypto map dynmap 1 ipsec-isakmp dynamic vpnclient
crypto map dynmap 10 ipsec-isakmp dynamic vpndynamic

interface FastEthernet1/0
ip addr 192.168.1.22 255.255.255.0
no shutdown
crypto map dynmap
no cdp enable
!
interface f1/1
description connected to HQ LAN
ip address 30.30.30.1 255.255.255.0
no shutdown
speed auto
no cdp enable
!
ip local pool dynpool 30.30.30.20 30.30.30.30
ip classless
ip route 20.1.1.0 255.255.255.0 192.168.1.2 
no ip http server
ip pim bidir-enable
!
!
no cdp run
!
line con 0
line aux 0
line vty 0 4
password cisco
!
end
I can individually create a tunnel between Cisco Srv and RAC also between Cisco Srv and XYZ. But when the tunnel between Cisco Srv and XYZ is established, i can't create a tunnel with RAC from Cisco Srv. If anyone can shed some light it would be a great help for me.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Trying to access the PDM of a Cisco pix over a Remote Access VPN withCisco VPN Client BF Cisco 2 09-07-2008 03:00 PM
VPN site to site & Remote access VPN ( vpn client) over the same interface pasatealinux Cisco 1 12-17-2007 07:41 PM
PIX 501 Site-to-Site VPN and Remote Access VPN drhopkins@cox.net Cisco 1 11-14-2006 03:32 PM
Vpn site to site + vpn cisco client access list problem. Vigarv Cisco 1 08-07-2006 03:05 PM



Advertisments