February 10, 2012

VPN SITE TO SITE

By suryantofang

Here my notes to VPN Site to Site :

Router R3

!!!
crypto isakmp policy 9
hash md5
authentication pre-share
crypto isakmp key 6 VPNKEY address 10.1.1.10
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set VPNSET esp-3des
!
crypto map VPNMAP 10 ipsec-isakmp
set peer 10.1.1.10
set transform-set VPNSET
match address INT-TRAFFIC
!
!
interface Serial0/0.34 point-to-point
ip address 10.1.1.9 255.255.255.252
frame-relay interface-dlci 34
crypto map VPNMAP
!
ip access-list extended INT-TRAFFIC
permit ip 10.1.1.0 0.0.0.3 10.2.1.0 0.0.0.255
permit ip 10.1.1.0 0.0.0.255 10.2.1.0 0.0.0.255

 

Show Comamand :

show crypto isakmp sa

show crypto ipsec sa

show crypto engine connections active

and show crypto map

 

R3#show crypto engine connections active

ID Interface            IP-Address      State  Algorithm           Encrypt  Decrypt
2 Se0/0.34             10.1.1.9        set    HMAC_MD5+DES_56_CB        0        0
2001 Se0/0.34             10.1.1.9        set    3DES                      0        0
2002 Se0/0.34             10.1.1.9        set    3DES                      0        0
2003 Se0/0.34             10.1.1.9        set    3DES                      0       10
2004 Se0/0.34             10.1.1.9        set    3DES                     10        0

 

 

 

About suryantofang

I Just the one who be learn View all posts by suryantofang
This entry was posted on Friday, February 10th, 2012 at 3:03 pm and posted in Cisco. You can follow any responses to this entry through the RSS 2.0 feed.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.