ipsec vpn site-to-site setting up for the first time

Unanswered Question
Jul 5th, 2007
User Badges:

i'm setting up ipsec vpn (site-to-site) between a pix 525 and a 3660 for the first time. i'm setting this up in a lab

environment. i have set up static ips only for simplicity. from the pix 525, i can ping up to 3660's 172.17.63.230 but not the LAN IP of 10.2.2.1. what do i need to do ? any help is much appreciated. thank you.


topology:

pix 525 -- r1 -- r2 -- 3660


topology with the IPs:

<10.1.1.1> pix 525 <172.17.63.213> -- <172.17.63.209> r1 <12.1.1.1> -- <12.1.1.2> r2 <172.17.63.225> -- <172.17.63.230> 3660 <10.2.2.1>



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Thu, 07/05/2007 - 23:45
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi


Could you post the config for r2.


Also on a more general note. Setting up IPSEC VPN's to get experience with them is a lot easier if you have hosts on either LAN rather than trying to ping between the 2 IPSEC peer gateways.


Jon

krishnakomiti Fri, 07/06/2007 - 02:11
User Badges:

Hi,

I think in Pix525 we have to add another command also. Please try this command "sysopt connection permit-ipsec" in config mode.


Cheers,

Krishna.

Actions

This Discussion