Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

tunnel ipsec from router and Isa Server

Hi,

I have an a router Cisco 1700 with a IP public address an interface bri0.

I need to deploy an a tunnel IPSec from the Lan behind this router and that of the headquarters where is an a Isa Server 2003.

Does anybody advice an a document where can I see how do it ?

best regards

Lorenzo

1 REPLY

Re: tunnel ipsec from router and Isa Server

Buon giorno,

basically, what you need to do is set up both th BRI interface on the 1700 and the ISA server as each other´s peer. The configuration on the 1700 would look like this (all IP addressing is arbitrary):

crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

crypto isakmp key cisco123 address 192.168.1.2

!

crypto ipsec transform-set myset1 esp-3des esp-md5-hmac

!

crypto map mymap 10 ipsec-isakmp

set peer 192.168.1.2

set transform-set myset1

!

match address 100

!

interface BRI0

ip address 192.168.1.1 255.255.255.252

crypto map mymap

!

interface FastEthernet0/0

ip address 172.16.1.1 255.255.255.0

no ip directed-broadcast

ip nat inside

half-duplex

!

ip http server

no ip http secure-server

ip classless

ip route 0.0.0.0 0.0.0.0 BRI0

!

access-list 100 permit ip 172.16.1.0 0.0.255.255 172.16.2.0 0.0.255.255

On the ISA side, I am not sure if the ISA 2003 has a wizard similar to the 2004, but have a look at this document:

Configuring IPSec Tunnel Mode VPN Between ISA Server 2004 and Cisco PIX v6.3.1

http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/ipsecvpn.mspx

Although the endpoint in this example is a PIX, the procedure for the ISA is the same.

Let me know if this helps, and if you need more help to get this to work.

Regards,

GNT

229
Views
0
Helpful
1
Replies