Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Want to configure IPSEC on both end of the routers

Hi Gurus,

Currently have a project to configure encryption for both end point to point of site locations. How can I go about IPSEC configuration and ANYway to verify that the IPSEC configuration really working or not..?

I am using router 1760 for your info..:)

thanks!

9 REPLIES

Re: Want to configure IPSEC on both end of the routers

Hi

First of all, why do you want to put unnessory load on the router if its a P2P link?

You should have an IP Plus IOS to have this feature

But still....

Hope the following link is self-explainatory:

http://www.cisco.com/warp/public/105/IPSECpart1.html

Regards

JD

New Member

Re: Want to configure IPSEC on both end of the routers

JD,

Cause need to encrypt the data as we are connecting to the external party..

Thanks for the link, anyway to verify that IPSEC is successfully configured?

thanks..

Hall of Fame Super Bronze

Re: Want to configure IPSEC on both end of the routers

Type

#sh cry ip sa

You should have a list of networks within the tunnel and incrementing traffic on 'interesting networks'.

New Member

Re: Want to configure IPSEC on both end of the routers

what type of traffic considered as 'interesting networks'??

thanks..

Hall of Fame Super Bronze

Re: Want to configure IPSEC on both end of the routers

The one you included in the match traffic command within the crypto.

You should have something like:

crypto map Core2Core 1 ipsec-isakmp

set peer [peer ip]

set transform-set [policies]

match address 101

access-list 101 permit ip [source interesting traffic] [destination intereresting traffic]

--

Please rate helpful posts.

Thanks

New Member

Re: Want to configure IPSEC on both end of the routers

Well, I read the article and it was saying to apply crypto map to egress interface instead of ingress interface..

What is the meaning of this statement?

thanks again !

ken

Hall of Fame Super Bronze

Re: Want to configure IPSEC on both end of the routers

egress interface means the outside interface, packets should be encrypted as they leave the router to the remote connection.

ingress interface means inside interface, packets should not be encrypted as they go to the inside network.

New Member

Re: Want to configure IPSEC on both end of the routers

Thanks,

if i have to do testing on the ipsec,

can i have 2 router 1760 series and then

apply crypto map on the fast ethernet??

What i want to achieve in this test is to create a ipsec tunnelling between the 2 Routers fast ethernet connection connected by the cross cable..

Can i do this to verify my ipsec is working??

thks,

rgd,s

Hall of Fame Super Bronze

Re: Want to configure IPSEC on both end of the routers

Yes, you can.

123
Views
4
Helpful
9
Replies
CreatePlease login to create content