Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
401
Views
0
Helpful
1
Replies

Site to Site VPN

abbas.ali
Level 1
Level 1

‎10-31-2005 09:02 PM

Can someone point to good step by step site to site VPN configuraion between:

2800 IOS routers.

All I want to configure site-site VPN with IPSEC tunnel between private networks and NATTING private to public address for the Internet.

What is the valuable show/debug commands to see if tunnel is up or down?

I did most of the configuration, but not able to ping the Private address from hub to spoke. Network Unreachable. When I build the static private routes from hub to spoke or vice versa what will be my gateway address. I know for the default route, it gets pointed to the far end Service Provider router's IP address, but where do I point the gateway address for private networks.

Thanks

Labels:
0 Helpful
1 Reply 1

aacole
Level 5
Level 5

‎11-01-2005 12:22 AM

This should help,its a basic template for L2L IPSec, NAT for Internet and of course a firewall.

To see if the tunnel is up, `sh crypto isakmp sa', if its at QM_idle Phase 1 has passed ok.

Then `sh crypto ipsec sa' will indicate if the tunnels have established, look for packets encrypted and decrypted.

Let me know if you need any more help.

Andy

Preview file
3 KB
0 Helpful
Customers Also Viewed These Support Documents