IPSec Config

--SITE A--

Crypto isakmp policy 1
  encr 3des
  authentication pre-share
  group 2
Crypto isakmp key  address SITE_A_IP no-xauth

crypto ipsec transform-set trans esp-3des esp-sha-hmac

Crypto map crypto_map 10 ipsec-isakmp
  set peer SITE_A_IP
  set transform-set trans
  match address ACL_To_Site_B

Interface gi0/1
  crypto map crypto_map

ip access-list extended ACL_To_Site_B
  10 permit ip 192.168.2.0 0.0.3.255 SITE_B_NET 0.0.3.255

--SITE B--

Crypto isakmp policy 1
  encr 3des
  authentication pre-share
  group 2
Crypto isakmp key  address SITE_B_IP no-xauth

crypto ipsec transform-set trans esp-3des esp-sha-hmac

Crypto map crypto_map 10 ipsec-isakmp
  set peer SITE_B_IP
  set transform-set trans
  match address ACL_To_Site_A

Interface Public_Interface
  crypto map crypto_map

ip access-list extended ACL_To_Site_A
  10 permit ip 192.168.1.0 0.0.0.255 SITE_A_NET 0.0.3.255
..

IPSec Config

Leave a Reply

Pages
