Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

accept VPN client on Cisco 1841 with site-to-site to Cisco 501

I have a site-to-site with Cisco1841 on my head office. 1841 connect to Pix501 at Branch1. I want to accept VPN client with a soft on my 1841. Is it possible on the same interface ???

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: accept VPN client on Cisco 1841 with site-to-site to Cisco 5

no doubt this is supported.

below are the codes for configuring both lan-lan vpn and remote vpn access on a router:

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp key xxxxxxxx address no-xauth

crypto isakmp client configuration group vpngroup

key xxxxxxxx

pool vpnpool

acl 130

crypto ipsec transform-set vpnset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10

set transform-set vpnset

crypto map vpnmap client authentication list vpnauthen

crypto map vpnmap isakmp authorization list vpnauthor

crypto map vpnmap client configuration address respond

crypto map vpnmap 10 ipsec-isakmp dynamic dynmap

crypto map vpnmap 20 ipsec-isakmp

set peer

set transform-set superset

match address 140

interface Ethernet0

ip address 192.168.1.1 255.255.255.0

ip nat inside

interface Dialer0

ip address

ip nat outside

crypto map vpnmap

ip local pool vpnpool 10.1.1.1 10.1.1.10

ip nat inside source route-map nonat interface Dialer0 overload

access-list 101 deny ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 130 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 140 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

route-map nonat permit 10

match ip address 101

2 REPLIES
Gold

Re: accept VPN client on Cisco 1841 with site-to-site to Cisco 5

no doubt this is supported.

below are the codes for configuring both lan-lan vpn and remote vpn access on a router:

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp key xxxxxxxx address no-xauth

crypto isakmp client configuration group vpngroup

key xxxxxxxx

pool vpnpool

acl 130

crypto ipsec transform-set vpnset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10

set transform-set vpnset

crypto map vpnmap client authentication list vpnauthen

crypto map vpnmap isakmp authorization list vpnauthor

crypto map vpnmap client configuration address respond

crypto map vpnmap 10 ipsec-isakmp dynamic dynmap

crypto map vpnmap 20 ipsec-isakmp

set peer

set transform-set superset

match address 140

interface Ethernet0

ip address 192.168.1.1 255.255.255.0

ip nat inside

interface Dialer0

ip address

ip nat outside

crypto map vpnmap

ip local pool vpnpool 10.1.1.1 10.1.1.10

ip nat inside source route-map nonat interface Dialer0 overload

access-list 101 deny ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 101 deny ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 130 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 140 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

route-map nonat permit 10

match ip address 101

Community Member

Re: accept VPN client on Cisco 1841 with site-to-site to Cisco 5

Thank you for your assistance, it is really appreciated

135
Views
0
Helpful
2
Replies
CreatePlease to create content