Example VPN config help

Unanswered Question
Apr 25th, 2009
User Badges:

Hello, I hope someone can put me in the right direction here.

I will be configuring a Cisco 2621 router that will need to have a VPN connection to a Cisco ASA firewall. I was wondering if anyone has a simple config I could use based on the following settings, I am trying this in a lab first so the outside ports are in a hib at the moment:



Outside IP - (example IP)


DH-Group 5

Pre-shared Key - cisco



Outside IP -

Let me know if I have missed anything.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jamesgonzo Sun, 04/26/2009 - 02:14
User Badges:

Thanks for spending the time to answer my post.

It will be a static to staic site-to-site VPN not dynamic.

In my lab I think I will have to give both peer IP's (outside ports into hub) an address in the same subnet so they can commuicate?

Not really - all you need is a x-over cable and some default static routes.

e.g ASA:-

Outside Interface

IP address

route outside

E.G Router:-

int eth 0/0 or fa 0/0

ip address

ip route eth 0/0 or fa 0/0

The above instructs the device to pass default traffic out the respective interfaces and "arp" for the mac using the specific IP or interface - since they are on a hub or x-over the remote side will respond.


jamesgonzo Sun, 04/26/2009 - 02:32
User Badges:


Sorry for the silly question but if and go into a hub how will they ping each other as they are on different subnets?

Not a silly question if you do not know - but you are missing some of the basic priciples.

Even though it's not proper english - you should never answer a question with a question, but this time it's fitting to do so...so let me ask you:-

What is a broadcast domain?

What is ARP?

Knowing the concepts/operation of the above will answer your question.



This Discussion