02-08-2006 07:51 AM - edited 03-03-2019 01:44 AM
Hi all, can anyone please tell me how I would let certain IPs bring up my VPN tunnel? Say the other end of the VPN is on a 172.28.x.x network: how would I get my other networks to bring up the tunnel from this end, and at which end are the access lists set?
Cheers
02-08-2006 10:27 PM
Hi Carl
Can you please throw more light on the kind of VPN tunnel you are talking about here, and also the device model on which you are trying this?
Regards
02-09-2006 07:22 AM
Hi there, it is a normal VPN-to-VPN tunnel, crypto!! This is on my Cisco 1700 router!!
Thank you
02-09-2006 09:14 AM
Carl,
ACLs are set at both the ends to define the interesting traffic. Any traffic which adheres to this ACL will only be allowed on the IPsec tunnel.
For example:
! ACL 101 defines the interesting traffic
access-list 101 permit ip host 192.168.10.38 host 192.168.10.66
crypto map abc 10 ipsec-isakmp
 set peer 192.168.10.38
 ! lifetime of the IPsec security association, in seconds
 set security-association lifetime seconds 4000
 set transform-set aaa
 match address 101
In this case only traffic from 10.38 to 10.66 is allowed.
Hope this helps. All the best. Rate replies if found useful.
Raj
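Added example (not part of the thread and not any poster's code): the interesting-traffic ACLs on the two ends must be mirror images of each other, and an entry without a swapped twin on the peer fails IPsec negotiation for that traffic. This Python sketch parses `access-list ... permit ip` lines from both ends and reports the gaps; the two sample configs, the 192.168.10.0/24 and 192.168.20.0/24 local networks and all function names are constructed assumptions, with 172.28.0.0/16 standing in for the 172.28.x.x network in the question.

```python
import ipaddress
import re

# Constructed sample configs (not from the thread): site A has two local
# networks that must reach 172.28.0.0/16 behind site B.
SITE_A = """
access-list 101 permit ip 192.168.10.0 0.0.0.255 172.28.0.0 0.0.255.255
access-list 101 permit ip 192.168.20.0 0.0.0.255 172.28.0.0 0.0.255.255
"""
SITE_B = """
access-list 101 permit ip 172.28.0.0 0.0.255.255 192.168.10.0 0.0.0.255
"""

ACL_RE = re.compile(r"^access-list\s+(\d+)\s+permit\s+ip\s+(.+)$")

def _take_addr(tokens):
    """Consume one IOS address spec: 'any', 'host A', or 'A wildcard'."""
    first = tokens.pop(0)
    if first == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if first == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    # IOS ACLs use wildcard (inverse) masks; invert to get the netmask.
    wildcard = int(ipaddress.ip_address(tokens.pop(0)))
    netmask = ipaddress.ip_address(wildcard ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{first}/{netmask}")

def crypto_acl(config, number):
    """Return the set of (source, destination) networks permitted by the ACL."""
    pairs = set()
    for line in config.splitlines():
        m = ACL_RE.match(line.strip())
        if m and int(m.group(1)) == number:
            tokens = m.group(2).split()
            src = _take_addr(tokens)
            dst = _take_addr(tokens)
            pairs.add((src, dst))
    return pairs

def mirror_gaps(local_cfg, remote_cfg, number=101):
    """Entries on the local end that have no swapped twin on the remote end."""
    remote = crypto_acl(remote_cfg, number)
    return sorted((s, d) for s, d in crypto_acl(local_cfg, number)
                  if (d, s) not in remote)

if __name__ == "__main__":
    for src, dst in mirror_gaps(SITE_A, SITE_B):
        print(f"site B lacks: permit ip {dst} -> {src}")
```

With the sample configs, traffic from 192.168.20.0/24 would not bring up the tunnel until site B gains the matching entry toward that network.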