Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
4
Helpful
4
Replies

p-t-p leased line using crypto need help

binoyjosephstanly
Level 1
Level 1

‎11-10-2006 09:56 PM - edited ‎03-03-2019 02:40 PM

Dear all

i have 5 remote locations. my central router is 2600 with wic-8A/S and my remote offices are 1700 with wic-2A/S.

both all the routers are using Secured encryption k9 IOS.

rt now the leased line is 128kbps, i'm planning to upgrade this to 512 so for that purpose i have purchased 3845 and encryption IOS. and i have configured the 3845 router but the 512 kb upgrade will happen in future only for that i have WIC -1T cards.

so i have removed the WIC-8A/S from 2600 and fixed it in 3845 and configured and i can see the remote office servers thru windows remote desktop software but when the users started working with application it is not working properly.and mails also not working but i can see that servers are pinging and i can do remote management also. and i removed encryption from one branch and tested i can see that people from that branch are working perfectly.

rest 5 branches are facing the problem.

i'm posting the configuration of 3845 router and config of one branch please check.this configuration was working without any prblm in 2600.and when this prb happend i reverted back the wic-8A/S to 2600 and all the branches started working without any problem.

*** please note***

crypto map ahb_top 1 ipsec-isakmp

when i'm configuring the above line after ipsec-isakmp there are 2 options available dynamic and one more here what should i configure. please check the config and suggest.

i will rate all the posts.

Regds

Binoy

Labels:
Preview file
4 KB
Preview file
6 KB
0 Helpful
4 Replies 4

network.king
Level 4
Level 4

‎11-10-2006 11:23 PM

Hi,

I think you should have the set peer seperately rather than in a single crypto map

crypto map ahb_top 1 ipsec-isakmp

set peer 192.1.9.2

set security-association lifetime seconds 180

set transform-set ahb_good

match address 101

crypto map ahb_top 2 ipsec-isakmp

set peer 192.1.7.2

set security-association lifetime seconds 180

set transform-set ahb_good

match address 101

Similarly do it for others ..

Hope the same helps

regards

vanesh k

0 Helpful

binoyjosephstanly
Level 1
Level 1
In response to network.king

‎11-10-2006 11:32 PM

vanesh thanxs for your response.

but vanesh the same configuration is working without any prb in my 2600xm router.

when i'm configuring

crypto map ahb_top1 ipsec-isakmp

and if i press enter key i'm getting 2 options dynamic and one more here what should i give.

when i press after without giving thezse options its saying incomplete command

pls advice

Regds

Binoy

0 Helpful

network.king
Level 4
Level 4
In response to binoyjosephstanly

‎11-10-2006 11:49 PM

Hi ,

We need to give dynamic , when we have configured a dynamic map , but in your case you donot require anything

" crypto map ahb_top 1 ipsec-isakmp " is enough .

Pls let me know what is the other one you are getting

regards

vanesh k

0 Helpful

network.king
Level 4
Level 4
In response to network.king

‎11-11-2006 12:05 AM

Hi,

For configuring static crypto map , u need to just configure " crypto map ahb_top 1 ipsec-isakmp " , it would just say , the config would be incomplete unless you configure the peer and others .

You can configure as I have mentioned earler and try.

Hope this helps.

Pls rate all posts

regards

vanesh k

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card