
IPSec tunnel

muru_enom
Level 1
Hi

I want to encrypt particular traffic flowing between two routers. The routers are connected over serial links. Can you please give some sample doc..

thanks

6 Replies

jmia
Level 7
Hello Murugan,

Please check the following document for your question:

http://www.psionic.com/en/US/tech/tk583/tk372/tech_configuration_examples_list.html

Thanks -

If that list of links is a bit overwhelming, have a look at http://www.psionic.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080194650.shtml

This explains router-to-router ipsec using pre-shared keys (be sure to use something other than "cisco123" as the key) and AES encryption (more performant than 3DES, unless you have 3DES in hardware).

hth

Herbert

Can I use this configuration sample for any router model? I'm having 2 3660 routers with

regards

Should be no problem (of course you need an IOS with crypto support), just be sure to apply the "crypto map" on your serials (instead of the ethernets in the example) and adjust the IP addresses and networks to suit your network.

One other thing to note is that the access-list (used by the crypto map) always needs to be the mirror image of the other router's access-list.

success with the implementation,

Herbert
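Added example (not part of the original thread): a Python check for the mirror-image requirement described above, comparing the crypto access-lists taken from both routers' configurations. The ACL number 101, the 10.x addresses and the function names are constructed for illustration; only `access-list N permit|deny ip ...` entries are parsed.

```python
import ipaddress

def _take(tokens):
    """Consume one ACL address spec: 'any', 'host A', or 'A WILDCARD'."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    # IOS uses wildcard (inverse) masks; invert to a netmask before parsing.
    wildcard = int(ipaddress.IPv4Address(tokens.pop(0)))
    netmask = ipaddress.IPv4Address(wildcard ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{first}/{netmask}", strict=False)

def crypto_acl(config, number):
    """Return the set of (action, src, dst) entries of one numbered ACL."""
    entries = set()
    for line in config.splitlines():
        tokens = line.split()
        if tokens[:2] != ["access-list", str(number)] or len(tokens) < 5:
            continue
        if tokens[3] != "ip":  # entries with ports/other protocols are skipped
            continue
        rest = tokens[4:]
        entries.add((tokens[2], _take(rest), _take(rest)))
    return entries

def mirror_mismatches(local, remote):
    """Entries on either side that lack a src/dst-swapped twin on the peer."""
    return {
        "local_only": {e for e in local if (e[0], e[2], e[1]) not in remote},
        "remote_only": {e for e in remote if (e[0], e[2], e[1]) not in local},
    }

# Constructed sample configurations (not taken from the thread).
ROUTER_A = """
access-list 101 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
access-list 101 permit ip host 10.1.1.5 any
"""
ROUTER_B = """
access-list 101 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
access-list 101 permit ip any host 10.1.1.5
"""
# Same as ROUTER_B except that the first entry's destination is a /16, not the /24.
ROUTER_B_BAD = ROUTER_B.replace("10.1.1.0 0.0.0.255", "10.1.0.0 0.0.255.255")

if __name__ == "__main__":
    a = crypto_acl(ROUTER_A, 101)
    print(mirror_mismatches(a, crypto_acl(ROUTER_B, 101)))
    print(mirror_mismatches(a, crypto_acl(ROUTER_B_BAD, 101)))
```

An empty result on both sides means the two access-lists select the same traffic in opposite directions; any entry reported is one the peer has no matching selector for.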

Since you will need an IPSec image on your routers, you will need to check on how much Flash and memory they currently have. Usually 3660 routers come with 32/8 MB [DRAM/Flash] configuration whereas you will need 64/16 MB configuration for IPSec images. I would recommend the 12.3(2T)-IP/IPSec/3DES image.

How many users and what type of applications will the IPSec tunnel support? You may want to consider installing the AIM module [Part: AIM-VPN/HP=] which performs hardware encryption and offloads router's CPU processing load for IPSec traffic.

HTH,

Rajesh

I have 3 subnets. One of the subnets is used for some special purpose. My aim is to segregate this subnet from the other two with security. So that it does not interfere with my other traffic...

I thought of Tunneling between the routers...

regards