Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IPsec

Hi gents, I have configured an IPsec but it dont want to ping my next hop router. belo are my configs for router A & B.

Router A

!

crypto isakmp policy 1

encr aes

hash md5

authentication pre-share

group 2

lifetime 500

crypto isakmp key neo address 172.1.1.2

!

!

crypto ipsec transform-set Dimpho esp-aes esp-sha-hmac

!

crypto map VPN_MAP 1 ipsec-isakmp

set peer 172.1.1.2

set security-association lifetime seconds 200

set transform-set Dimpho

match address ACL

!

ip access-list extended ACL

permit ip 192.5.1.0 0.0.0.255 192.1.1.0 0.0.0.255

!

interface ATM3/0

ip address 172.1.1.1 255.255.255.0

no atm ilmi-keepalive

crypto map VPN_MAP

pvc 1/200

encapsulation aal5snap

!

Router B

!

crypto isakmp policy 1

encr aes

hash md5

authentication pre-share

group 2

lifetime 500

crypto isakmp key neo address 172.1.1.1

!

!

crypto ipsec transform-set Dimpho esp-aes esp-sha-hmac

!

!

crypto map VPN_MAP 1 ipsec-isakmp

set peer 172.1.1.1

set security-association lifetime seconds 200

set transform-set Dimpho

match address ACL

!

ip access-list extended ACL

permit ip 192.1.1.0 0.0.0.255 192.5.1.0 0.0.0.255

!

interface ATM1/0

ip address 172.1.1.2 255.255.255.0

atm clock INTERNAL

no atm ilmi-keepalive

crypto map VPN_MAP

pvc 1/200

no oam-pvc manage

encapsulation aal5snap

!

!

1 REPLY
New Member

Re: IPsec

Hi all, sorry for the inconvenience. It's working well, I think it needed some time before it can ping. Thanks.

233
Views
0
Helpful
1
Replies
CreatePlease to create content