VPN configuration between cisco 2911 router and cisco RV180w (5 brach) router.
hi, currently i have 5 branches which has connected through VPN on cisco RV180 w router we are planning to install cisco 2911 router at my main branch. so i want to connect my all branches through vpn on static ip which has provided by our isp. so pls guide my what a i can do. i have tried to configure my cisco 2911 vpn but im not able to ping my branches.
In order to create site to site VPN you will need to use certain parameters.
you will have to create the "Crypto"
crypto isakmp policy 10 encr 3des authentication pre-share group 2 crypto isakmp key "VPN@123" address X.X.X.X (Peer Ip address) (should be created for each Branch) and the Key should be matching on both the ends ! ! crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac (you will have to define the transform set)
crypto map VPN 10 ipsec-isakmp (should be created for each Branch) set peer X.X.X.X set transform-set ESP-3DES-SHA match address 10
ip access-list extended 10 (Interesting traffic source and destination) permit ip 10.10.10.0 0.0.0.255 172.16.1.0 0.0.0.255
interface FastEtherenet0/0 crypto map VPN (Attaching Crypto map to outside interface or interface connecting to the internet)
ip access-list extended NAT_Exempt (NO NAT Statement) deny ip 10.10.10.0 0.0.0.255 172.16.1.0 0.0.0.255 permit ip 10.10.10.0 0.0.0.255 any
route-map nonat permit 10 match ip address NAT_Exempt
to verfiy the site to site you can use the below commands
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :