VPN from 1841 to 7206

Unanswered Question

I have been given details for a VPN setup that we use to connect to a GPRS network. We are currently using a Linux IPSec Software solution but I'm now provisioning an Integrated Services Router 1841. I am a little unsure of how to create the VPN in our 1841 to connect. The remote side is using a 7206 but they will not supply a config for us to use. Details are;

Phase 1 (ISKAMP)

Encryption: 3DES

Hash: MD5

Auth: PSK

Diffie-Hellman: 2

Lifetime: 86400

Phase 2 (IPSec)

Transform-Set: ESP-3DES-MD5

Mode: Tunnel

PFS: No PFS

Lifetime: 4608000kB/3600sec

Attached is a diagram with public IPs changed. Can anyone offer some help with this? I am not sure whether I will need to use Crypto Maps and whether I will have to use ACLs

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
marvin00001 Tue, 02/20/2007 - 00:25

Hi Andrew

the easiest way to do this is to create a GRE Tunnel on each side and then encrypt the tunnel with an IPSEC profile.

Let Me know if you need an example config

Marvin,

The only problem with this solution is that the GRE tunnel requires another subnet over it, correct? I am using this sort of configuration for connectivity between branch offices, however I have no control over the configuration of the 7206 as it is run by Vodafone. When we asked for a configuration example, they said they don't give out configuration details apart from PSK and ISAKMP and IPSEC config requirements :(

Actions

This Discussion