I need some help setting up a link between a Head Office UC540 and a remote SR520 which I want to use a PC and an IP Phone from. This remote site is the first of several.
I've found several examples of site to site IPsec VPNs, but none with references to voice and data VLANs, do I need to worry about this or will the phone just work.
All Advice and suggestions gratefully accepted,
Here is a LAN-to-LAN VPN sample configuration between 2 IOS routers:
Assuming from your example:
VLAN 1 - data - 192.168.19.0/24
VLAN 100 - voice - 10.1.1.0/24
And on the other side:
VLAN 1 - data - 192.168.20.0/24
VLAN 100 - voice: 10.2.2.0/24
The crypto ACL would:
access-list 150 permit ip 192.168.19.0 0.0.0.255 192.168.20.0 0.0.0.255
access-list 150 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
Crypto ACL on the other side would be:
access-list 150 permit ip 192.168.20.0 0.0.0.255 192.168.19.0 0.0.0.255
access-list 150 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255