Tags:
Thanks! We'll email you when relevant content is added and updated.
Following
Follow
Cisco
Thanks! We'll email you when relevant content is added and updated.
Following
Follow
IPsec
Thanks! We'll email you when relevant content is added and updated.
Following
Follow
VPN
Im working with a 871 cisco router and I need to do a VPN between 2 offices so i made the next configurations.
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key vpn3j3mpl0 address 201.216.201.135
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set VPN esp-3des esp-sha-hmac
crypto map VPNSETAR 1 ipsec-isakmp
description VPN ACCESS AR
set peer 201.216.201.135
set transform-set VPN
set pfs group2
match address 101
interface FastEthernet4
ip address 201.238.179.119 255.255.255.0
ip nat outside
ip virtual-reassembly
ip route-cache flow
duplex auto
speed auto
crypto map VPNSETAR
!
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
!
ip nat inside source route-map nonat interface FastEthernet4 overload
!
ip access-list extended NAT-ACL
deny ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any
!
So after I made all this configurations I saw that the vpn is working by running the command:
IPV-ECU#Show crypto Isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
201.238.179.119 201.216.201.135 QM_IDLE 1002 0 ACTIVE
IPv6 Crypto ISAKMP SA
But when I tried to ping It dind work.
Im new in configuring cisco routers so I will appreciate who can help me on this issue.
Asked:
February 19, 2014 2:53 PM
Discuss This Question: