Example VPN config help

Unanswered Question
Apr 25th, 2009
User Badges:

Hello, I hope someone can put me in the right direction here.


I will be configuring a Cisco 2621 router that will need to have a VPN connection to a Cisco ASA firewall. I was wondering if anyone has a simple config I could use based on the following settings, I am trying this in a lab first so the outside ports are in a hib at the moment:


ASA:

LAN - 192.168.200.0/24

Outside IP - 1.1.1.1 (example IP)

AES-256/SHA

DH-Group 5

Pre-shared Key - cisco


Router:

LAN - 10.10.10.0/24

Outside IP - 2.2.2.2


Let me know if I have missed anything.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jamesgonzo Sun, 04/26/2009 - 02:14
User Badges:

Thanks for spending the time to answer my post.


It will be a static to staic site-to-site VPN not dynamic.


In my lab I think I will have to give both peer IP's (outside ports into hub) an address in the same subnet so they can commuicate?

Not really - all you need is a x-over cable and some default static routes.


e.g ASA:-


Outside Interface

IP address 1.1.1.1 255.255.255.0

route outside 0.0.0.0 0.0.0.0 1.1.1.1


E.G Router:-

int eth 0/0 or fa 0/0

ip address 2.2.2.2 255.255.255.0

ip route 0.0.0.0 0.0.0.0 eth 0/0 or fa 0/0


The above instructs the device to pass default traffic out the respective interfaces and "arp" for the mac using the specific IP or interface - since they are on a hub or x-over the remote side will respond.


HTH>

jamesgonzo Sun, 04/26/2009 - 02:32
User Badges:

Thanks.


Sorry for the silly question but if 1.1.1.1 and 2.2.2.2 go into a hub how will they ping each other as they are on different subnets?

Not a silly question if you do not know - but you are missing some of the basic priciples.


Even though it's not proper english - you should never answer a question with a question, but this time it's fitting to do so...so let me ask you:-


What is a broadcast domain?

What is ARP?


Knowing the concepts/operation of the above will answer your question.


HTH>

Actions

This Discussion