Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to encrypt traffic on Cisco 7600 / Catalyst 6500 Services SPA Carrier Card-400

I need help for the following,

I have two 7600 between two location. I have installed  Cisco 7600 / Catalyst 6500 Services SPA Carrier Card-400 on both routers.

My intention I need to bring up the ISIS between the two routers as I have the requirement from the customer that traffic should be encrypted as this a 100 MB TLS circuit.

I mad a GRE tunnel and I want to bring my ISIS connectivity through this tunnel.

Below is the config,

crypto isakmp policy 25
hash md5
authentication pre-share
crypto isakmp key Dummy address
crypto isakmp invalid-spi-recovery
crypto isakmp profile test
   match identity address
   local-address GigabitEthernet1/23
crypto ipsec transform-set WWW ah-sha-hmac esp-aes 256
crypto map GRE local-address GigabitEthernet1/23
crypto map GRE 80 ipsec-isakmp
description test1
set peer
set security-association lifetime seconds 190
set transform-set WWW
set isakmp-profile test
match address 104

interface Tunnel10
ip address
ip router isis ABC

mpls ip
clns mtu 1400
isis metric 1000 level-2
isis authentication mode md5
isis authentication key-chain ABC-ISIS
no isis hello padding
tunnel source GigabitEthernet1/23
tunnel destination

interface GigabitEthernet1/23
description "To ISG2000-1 e1/3"
mtu 1600
ip address
speed 100
duplex full
mpls ip
no cdp enable
clns mtu 1400
crypto map GRE

Both router has the same config except the IP point to point ip, but I am unalbe to bring the link up.

Can anyone help me what I am doing wrong here or how I can configure correctly.

Please let me know.