Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ipsec vpn site-to-site setting up for the first time

i'm setting up ipsec vpn (site-to-site) between a pix 525 and a 3660 for the first time. i'm setting this up in a lab

environment. i have set up static ips only for simplicity. from the pix 525, i can ping up to 3660's 172.17.63.230 but not the LAN IP of 10.2.2.1. what do i need to do ? any help is much appreciated. thank you.

topology:

pix 525 -- r1 -- r2 -- 3660

topology with the IPs:

<10.1.1.1> pix 525 <172.17.63.213> -- <172.17.63.209> r1 <12.1.1.1> -- <12.1.1.2> r2 <172.17.63.225> -- <172.17.63.230> 3660 <10.2.2.1>

2 REPLIES
Hall of Fame Super Blue

Re: ipsec vpn site-to-site setting up for the first time

Hi

Could you post the config for r2.

Also on a more general note. Setting up IPSEC VPN's to get experience with them is a lot easier if you have hosts on either LAN rather than trying to ping between the 2 IPSEC peer gateways.

Jon

New Member

Re: ipsec vpn site-to-site setting up for the first time

Hi,

I think in Pix525 we have to add another command also. Please try this command "sysopt connection permit-ipsec" in config mode.

Cheers,

Krishna.

106
Views
0
Helpful
2
Replies
CreatePlease login to create content