Cisco IPSec VPN Configuration Examples

Cisco IPSec VPN Configuration Examples

Cisco IPSec VPN Configuration Examples

Commands

To verify the VPN Tunnel

Router# show crypto session
Router# show crypto session detail

Setting

IPSec VPN Image

CONFIGURE ISAKMP

R1(config)# crypto isakmp policy 1
R1(config-isakmp)# encryption 3des
R1(config-isakmp)# hash sha
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# group 2
R1(config-isakmp)# lifetime 86400

R1(config)# crypto isakmp key cisco address 1.1.1.2
R1(config)# crypto isakmp keeepalive 30 periodic

The peer’s pre shared key is set to cisco.

CONFIGURE IPSEC

CREATING EXTENDED ACL

R1(config)# access-list 101
R1(config-ext-nacl)# permit ip 10.10.10.0 0.0.0.255 20.20.20.0 0.0.0.255

CREATE IPSEC TRANSFORM (ISAKMP PHASE 2 POLICY)

R1(config)# crypto ipsec transform-set IPSEC esp-3des esp-md5-hmac

CREATE CRYPTO MAP

R1(config)# crypto map CRYPTMAP 1 ipsec-isakmp
R1(config-crypto-map)# set peer 1.1.1.2
R1(config-crypto-map)# set transform-set IPSEC
R1(config-crypto-map)# match address 101

APPLY CRYPTO MAP TO THE PUBLIC INTERFACE

R1(config)# interface GigabitEthernet0/0
R1(config-if)# crypto map CRYPTMAP

Reference

Configuring Site to Site IPSec VPN Tunnel Between Cisco Routers

Cisco IOS, NX-OS CLI Commands

Table of Contents

Cisco IPSec VPN Configuration Examples

Table of Contents

Commands

Setting

CONFIGURE ISAKMP

CONFIGURE IPSEC

CREATING EXTENDED ACL

CREATE IPSEC TRANSFORM (ISAKMP PHASE 2 POLICY)

CREATE CRYPTO MAP

APPLY CRYPTO MAP TO THE PUBLIC INTERFACE

Reference