Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

tunnel ipsec from router and Isa Server


I have an a router Cisco 1700 with a IP public address an interface bri0.

I need to deploy an a tunnel IPSec from the Lan behind this router and that of the headquarters where is an a Isa Server 2003.

Does anybody advice an a document where can I see how do it ?

best regards



Re: tunnel ipsec from router and Isa Server

Buon giorno,

basically, what you need to do is set up both th BRI interface on the 1700 and the ISA server as each other´s peer. The configuration on the 1700 would look like this (all IP addressing is arbitrary):

crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

crypto isakmp key cisco123 address


crypto ipsec transform-set myset1 esp-3des esp-md5-hmac


crypto map mymap 10 ipsec-isakmp

set peer

set transform-set myset1


match address 100


interface BRI0

ip address

crypto map mymap


interface FastEthernet0/0

ip address

no ip directed-broadcast

ip nat inside



ip http server

no ip http secure-server

ip classless

ip route BRI0


access-list 100 permit ip

On the ISA side, I am not sure if the ISA 2003 has a wizard similar to the 2004, but have a look at this document:

Configuring IPSec Tunnel Mode VPN Between ISA Server 2004 and Cisco PIX v6.3.1

Although the endpoint in this example is a PIX, the procedure for the ISA is the same.

Let me know if this helps, and if you need more help to get this to work.