Site to Site vpn with dyndns at one end

ashu.ashfaq
Level 1

Hi,

If you can help me, that would be great.

I have two sites with SA540.

Site A: I have a public IP x.x.x.x with LAN IP 192.168.0.1.

Site B: I have a broadband router with DynDNS to which the SA540 is connected, with WAN IP 192.168.1.1.

The LAN IP is 192.168.2.1. Which ports should I forward on the broadband router to the SA540?

4 Replies

cflory
Level 1

What exactly are you wanting to know?  I'm not sure I see a question here.

Dear Cflory,

I want to have a site-to-site IPsec tunnel between Site A and Site B.

On Site A:

I have an SA540 with public IP x.x.x.x and LAN IP 192.168.0.1.

On Site B:

I have a Linksys router to which my ADSL line is connected; its LAN IP is 192.168.1.1.

For the VPN tunnel I have taken a Cisco SA540; on my WAN interface the IP is 192.168.1.2 and the LAN IP is 192.168.2.1.

As in my Site B I don't have a public IP, I am using DynDNS (abc.dyndns.com), which is configured on my Linksys router, so I would like to know what configuration I should make on my Site A.

I think this picture will give you some information...

If you can help me by giving the configuration, as I have never worked with DynDNS.

Please, can anyone help with the configuration?

This is my Site B configuration:

access-list NO-NAT permit ip 192.168.2.1 255.255.255.0 192.168.0.0 255.255.255.0
access-list 101 permit ip 192.168.2.1 255.255.255.0 192.168.0.0 255.255.255.0
pager lines 24
logging on
mtu outside 1500
mtu inside 1500
mtu intf2 1500
!--- WAN IP address from the Linksys router where DynDNS is configured
ip address outside 192.168.1.2 255.255.255.0
ip address inside 192.168.2.1 255.255.255.0
global (outside) 1 interface
nat (inside) 0 access-list NO-NAT
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
route outside 192.168.2.0 255.255.255.0 192.168.1.1 1
!--- IPsec configuration, Phase 2.
crypto ipsec transform-set esp-des esp-md5-hmac
crypto map IPSEC 10 ipsec-isakmp
crypto map IPSEC 10 match address 101
crypto map IPSEC 10 set peer x.x.x.x
crypto map IPSEC 10 set transform-set
crypto map IPSEC interface outside
!--- policy, Phase 1.
isakmp enable outside
isakmp key cisco123 address x.x.x.x netmask 255.255.255.255
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400