vpn site to site with isa server

Discussion in 'Cisco' started by scott_ea@hotmail.com, Oct 24, 2005.

  1. Guest

    please help i am trying to create a vpn site to site with a cisco 837
    and isa server here is the 837 config:
    Current configuration : 3413 bytes
    !
    version 12.3
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    service password-encryption
    !
    hostname Router
    !
    boot-start-marker
    boot-end-marker
    !
    enable secret 5 $1$0j52$.DL5UbEsWvNDfPpswKMkF.
    !
    username Router password 7 14051D1E180138
    username CRWS_Gayatri privilege 15 password 7 08651D0A3E
    username CRWS_Jaidil privilege 15 password 7
    06425E657B1F0F38411843043F213A2A7
    164677545564551
    no aaa new-model
    ip subnet-zero
    ip dhcp excluded-address 10.43.30.1
    !
    ip dhcp pool TEST
    import all
    network 10.43.30.0 255.255.255.0
    default-router 10.43.30.1
    lease 0 2
    !
    ip dhcp pool CLIENT
    import all
    !
    !
    ip name-server 194.72.9.34
    ip name-server 194.74.65.69
    ip ips po max-events 100
    vpdn enable
    !
    vpdn-group pppoe
    request-dialin
    protocol pppoe
    !
    no ftp-server write-enable
    !
    !
    !
    !
    !
    crypto isakmp policy 1
    encr 3des
    authentication pre-share
    !
    crypto isakmp policy 4
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp policy 5
    encr 3des
    hash md5
    authentication pre-share
    group 2
    !
    crypto isakmp policy 9
    hash md5
    authentication pre-share
    !
    crypto isakmp policy 10
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp policy 12
    authentication pre-share
    !
    crypto isakmp policy 20
    hash md5
    authentication pre-share
    group 2
    !
    crypto isakmp policy 23
    encr 3des
    hash md5
    authentication pre-share
    crypto isakmp key shout address 62.6.179.250
    !
    crypto ipsec security-association lifetime seconds 86400
    !
    crypto ipsec transform-set s1s2trans esp-des esp-md5-hmac
    crypto ipsec transform-set cisisa esp-3des esp-sha-hmac
    !
    crypto map to-siteisa 10 ipsec-isakmp
    set peer 62.6.179.250
    set transform-set cisisa
    match address 101
    !
    !
    !
    interface Ethernet0
    ip address 10.43.30.1 255.255.255.0
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1348
    hold-queue 100 out
    !
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    dsl operating-mode auto
    hold-queue 224 in
    !
    interface ATM0.1 point-to-point
    pvc 0/38
    pppoe-client dial-pool-number 1
    !
    !
    interface FastEthernet1
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet2
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet3
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet4
    no ip address
    duplex auto
    speed auto
    !
    interface Dialer1
    ip address 217.36.86.242 255.255.255.0
    ip mtu 1492
    ip nat outside
    ip virtual-reassembly
    encapsulation ppp
    ip tcp adjust-mss 1348
    dialer pool 1
    ppp authentication chap callin
    ppp chap hostname xxxxxxxxx
    ppp chap password 7 05190701255F5A081D5541
    ppp ipcp dns request
    ppp ipcp wins request
    crypto map to-siteisa
    !
    ip classless
    ip route 0.0.0.0 0.0.0.0 Dialer1
    ip http server
    no ip http secure-server
    !
    ip nat inside source list 1 interface Dialer1 overload
    !
    access-list 1 permit 10.43.30.0 0.0.0.255
    access-list 23 permit 10.43.30.0 0.0.0.255
    access-list 101 permit ip 10.43.30.0 0.0.0.255 10.14.1.0 0.0.0.255
    access-list 150 permit ip 10.43.30.0 0.0.0.255 any
    route-map nonat permit 10
    match ip address 150
    !
    !
    control-plane
    !
    !
    line con 0
    exec-timeout 120 0
    no modem enable
    transport preferred all
    transport output all
    stopbits 1
    line aux 0
    transport preferred all
    transport output all
    line vty 0 4
    access-class 23 in
    exec-timeout 120 0
    login local
    length 0
    transport preferred all
    transport input all
    transport output all
    !
    scheduler max-task-time 5000
    end

    Router#


    any help would be great.
    , Oct 24, 2005
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dejan Gambin
    Replies:
    0
    Views:
    735
    Dejan Gambin
    Oct 16, 2003
  2. Martin Kayes
    Replies:
    0
    Views:
    511
    Martin Kayes
    Nov 19, 2003
  3. GRaybin
    Replies:
    3
    Views:
    2,983
    GRaybin
    Jul 13, 2004
  4. wmmalii
    Replies:
    0
    Views:
    3,158
    wmmalii
    May 17, 2006
  5. Dingus

    Exchange Server 2003 and ISA Server 2004

    Dingus, Mar 25, 2006, in forum: Computer Support
    Replies:
    4
    Views:
    452
Loading...

Share This Page