Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
284
Views
0
Helpful
3
Replies

Creating tunnel between two end point

mahesh-gohil
Level 1
Level 1

‎09-28-2008 08:43 PM - edited ‎03-06-2019 01:38 AM

Dear All,

I need config support for establishing a tunnel

RouterA--PE--My Cloud--Internet Cloud--RouterB

I want to create tunnel between RouterA and RouterB. Ultimately it is tunnel between two router connected via Internet

Hope you understand my requirement

As it is internet so remember I have option of static or BGP only

Please help

Mahesh

Labels:
0 Helpful
3 Replies 3

satish_zanjurne
Level 4
Level 4

‎09-28-2008 09:22 PM

Hi,

Find below IPSec Tunnel configuration.

Router A

--------------------------------------

crypto isakmp policy 10

encryption aes 256

authentication pre-share

*****preshare for opposite peer w.x.y.z*******

crypto isakmp key cisco123 address w.x.y.z

crypto ipsec transform-set aesset esp-aes 256 esp-sha-hmac

crypto map aesmap 10 ipsec-isakmp

set peer w.x.y.z

set transform-set aesset

match address acl_vpn

interface FastEthernet0

description***outside/wan interface*****

ip address a.b.c.d x.x.x.x

crypto map aesmap

***set static route to RouterB LAN*******

ip route x.x.x.x x.x.x.x FastEthernet0

*****set encrypted traffic from RouterA LAN to RouterB LAN*****

ip access-list extended acl_vpn

permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255

------------------------------------------------

Router B

______________________________________________

crypto isakmp policy 10

authentication pre-share

crypto isakmp key cisco123 address a.b.c.d

crypto ipsec transform-set aesset esp-aes 256 esp-sha-hmac

crypto map aesmap 10 ipsec-isakmp

set peer a.b.c.d

set transform-set aesset

match address acl_vpn

interface FastEthernet0

ip address w.x.y.z x.x.x.x

crypto map aesmap

****set static route to RouterA LAN*****

ip route x.x.x.x x.x.x.x FastEthernet0

****Set encrypted traffic from RouterB LAN to RouterA LAN*****

ip access-list extended acl_vpn

permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255

____________________________________________

HTH...rate if helpful..

0 Helpful

Marwan ALshawi
VIP Alumni
VIP Alumni

‎09-28-2008 09:23 PM

u need at leat one public IP addres if two better

and just configure IPsec vpn site-to-site

which is secure and dose the job for u as wanted

for config have a look at the folloing link:

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080094634.shtml

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00801dddbb.shtml

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080093f86.shtml

good luck

if helpful Rate

0 Helpful

mahesh-gohil
Level 1
Level 1
In response to Marwan ALshawi

‎09-28-2008 10:26 PM

Ok let me work on it . will rate it later

Thanks Guys

Bye

mahesh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card