Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

SR520 and site-to-site VPN

I'm trying to configure a SR520 in place of a Zyxel 662H that had 10 IPsec VPNs towards our branches.

I'm not a professional, but I'm learning from the examples I find in the net.

What I have to do now is connect our branches (they all have Zyxel 661H and static IPs) with the SR520, so that they can access the central server's resources as if it was in their local network. Also, SR520 must give access, with NAT, to the head office's network towards internet (this part works, but don't know if I've made it in the right way).

Before we speak of configurations what is the best way to do so? IPsec profiles or policies? NAT access-lists or route-maps? the crypto-map should be applied to the ATM part or the VLAN?

So, you can see there's big confusion in my head. I need to figure things out instead of having a working configuration (but it wouldn't be so bad :)).

  • VPN
Everyone's tags (5)