Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
272
Views
0
Helpful
2
Replies

crypto between point to point leased line

binoyjosephstanly
Level 1
Level 1

‎11-09-2006 11:36 PM

Dear all

i have 5 remote locations. my central router is 2600 with wic-8A/S and my remote offices are 1700 with wic-2A/S.

both all the routers are using Secured encryption k9 IOS.

rt now the leased line is 128kbps, i'm planning to upgrade this to 512 so for that purpose i have purchased 3845 and encryption IOS. and i have configured the 3845 router but the 512 kb upgrade will happen in future only for that i have WIC -1T cards.

so i have removed the WIC-8A/S from 2600 and fixed it in 3845 and configured and i can see the remote office servers thru windows remote desktop software but when the users started working with application it is not working properly.and mails also not working but i can see that servers are pinging and i can do remote management also. and i removed encryption from one branch and tested i can see that people from that branch are working perfectly.

rest 5 branches are facing the problem.

i'm posting the configuration of 3845 router and config of one branch please check.this configuration was working without any prblm in 2600.and when this prb happend i reverted back the wic-8A/S to 2600 and all the branches started working without any problem.

*** please note***

crypto map ahb_top 1 ipsec-isakmp

when i'm configuring the above line after ipsec-isakmp there are 2 options available dynamic and one more here what should i configure. please check the config and suggest.

i will rate all the posts.

Regds

Binoy

Labels:
Preview file
4 KB
Preview file
6 KB
0 Helpful
2 Replies 2

a-vazquez
Level 6
Level 6

‎11-15-2006 10:42 AM

Crypto maps are used to specify which DES encryption algorithm(s) will be used in conjunction with each access list defined in the previous step. Crypto maps are also used to identify which peer routers will provide the remote end encryption/authentication services. You must define one crypto map for each interface that will send encrypted data to a peer encrypting router

http://www.cisco.com/en/US/products/sw/iosswrel/ps1824/products_configuration_guide_chapter09186a0080087e8b.html#17650

0 Helpful

spremkumar
Level 9
Level 9
In response to a-vazquez

‎11-15-2006 11:09 PM

Hi Binoy

In addition to Anthony's comments i would suggest to build individual separate crypto maps for respective peers with difference sequence numbers with exact peer address attached to it.

Once you are done with the same you can assign the crypto map and check.

similar kinda config sample has been discussed under the link pasted by Anthony.

regds

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents