Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
395
Views
0
Helpful
4
Replies

Setting up VPN Tunnel

Urfan Khaliq
Level 1
Level 1

‎09-11-2007 12:47 AM - edited ‎02-21-2020 03:15 PM

Hi I am attempting to create a VPN tunnel between a 2621 and a cisco 877 ADSL router.

The setup is as below...

[2621](On Site)

fe0/0 has internal class C address

fe0/1 has external /30 address

no nat is used inside this network as all PC's have real IP's

[877] (remote location)

Dialer0 has bt broadband assigned address

I am doing the following...

creating virtual tunnel interfaces on both and assigninng private addresses to each? (Not sure best thing to do here...)

[2621 Setup]

tunnel source = fe0/1 address

tunel destination = 877's dialer0 address

tunnel mode gre ip

no shut

[877 SETUP]

ip address (a private one?)

tunnel source = dialer0 of 877

tunnel destination = fe01 of 2621

tunnel mode gre ip

no shut

Once this is done i thoght I should be able to ping each tunnell interface from the other?

Please can someone help and point me in the righ direction....

(PS I have been following the "Site to Site and Extranet VPN Business Scenarios" doc from Cisco site.

Labels:
0 Helpful
4 Replies 4

spremkumar
Level 9
Level 9

‎09-11-2007 09:30 PM

hi

can you post the output of show run/show ip int brief/show interface tunnel x and also show ip route.

regds

0 Helpful

Urfan Khaliq
Level 1
Level 1
In response to spremkumar

‎09-12-2007 01:50 AM

Hi,

Thanks for the interest, I have however got the VPN tunnel working (I was just making silly mistakes)

However i now need to encrypt the tunnel and am not sure wht is the best and easiest (quicker way) to implement the encryption?

Any ideas anyone?

Urfan

0 Helpful

spremkumar
Level 9
Level 9
In response to Urfan Khaliq

‎09-12-2007 02:06 AM

Hi Urfan

You can refer the below link for more info on configuring up the same...

Instead of configuring and binding the crypto map onto your physical interface you need to attach the same under the logical tunnel interface.

Also make sure that you have your traffic forwarded via the tunnel interface so that they are encrypted end to end.

http://cisco.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html#anchor17

regds

0 Helpful

Urfan Khaliq
Level 1
Level 1
In response to spremkumar

‎09-12-2007 02:27 AM

Hi thanks for that spremkumar, im a little confused as to which document to use...I am trying to implement a shared key between the two by using the crypto isakmp command which seems to work on the 877 but the command is not recognised ni the 2621?

Im not sure why and what else i can do?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents