IPsec

Unanswered Question
Feb 28th, 2009
User Badges:

Hi gents, I have configured an IPsec but it dont want to ping my next hop router. belo are my configs for router A & B.


Router A


!

crypto isakmp policy 1

encr aes

hash md5

authentication pre-share

group 2

lifetime 500

crypto isakmp key neo address 172.1.1.2

!

!

crypto ipsec transform-set Dimpho esp-aes esp-sha-hmac

!

crypto map VPN_MAP 1 ipsec-isakmp

set peer 172.1.1.2

set security-association lifetime seconds 200

set transform-set Dimpho

match address ACL

!

ip access-list extended ACL

permit ip 192.5.1.0 0.0.0.255 192.1.1.0 0.0.0.255

!

interface ATM3/0

ip address 172.1.1.1 255.255.255.0

no atm ilmi-keepalive

crypto map VPN_MAP

pvc 1/200

encapsulation aal5snap

!



Router B


!

crypto isakmp policy 1

encr aes

hash md5

authentication pre-share

group 2

lifetime 500

crypto isakmp key neo address 172.1.1.1

!

!

crypto ipsec transform-set Dimpho esp-aes esp-sha-hmac

!

!

crypto map VPN_MAP 1 ipsec-isakmp

set peer 172.1.1.1

set security-association lifetime seconds 200

set transform-set Dimpho

match address ACL

!

ip access-list extended ACL

permit ip 192.1.1.0 0.0.0.255 192.5.1.0 0.0.0.255

!

interface ATM1/0

ip address 172.1.1.2 255.255.255.0

atm clock INTERNAL

no atm ilmi-keepalive

crypto map VPN_MAP

pvc 1/200

no oam-pvc manage

encapsulation aal5snap

!

!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
mailaglady2 Sat, 02/28/2009 - 13:31
User Badges:

Hi all, sorry for the inconvenience. It's working well, I think it needed some time before it can ping. Thanks.

Actions

This Discussion