cmdref.net - Cheat Sheet and Example

cmdref.net is command references/cheat sheets/examples for system engineers.

User Tools

Site Tools


Sidebar








Cloud



Etc


Reference














.

hardware:cisco:ipsec-vpn.html



Cisco IPSec VPN Configuration Examples

Commands

To verify the VPN Tunnel Router# show crypto session
Router# show crypto session detail


Setting

IPSec VPN Image

CONFIGURE ISAKMP

R1(config)# crypto isakmp policy 1
R1(config-isakmp)# encryption 3des
R1(config-isakmp)# hash sha
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# group 2
R1(config-isakmp)# lifetime 86400
R1(config)# crypto isakmp key cisco address 1.1.1.2
R1(config)# crypto isakmp keeepalive 30 periodic
  • The peer’s pre shared key is set to cisco.


CONFIGURE IPSEC

CREATING EXTENDED ACL

R1(config)# access-list 101
R1(config-ext-nacl)# permit ip 10.10.10.0 0.0.0.255 20.20.20.0 0.0.0.255

CREATE IPSEC TRANSFORM (ISAKMP PHASE 2 POLICY)

R1(config)# crypto ipsec transform-set IPSEC esp-3des esp-md5-hmac

CREATE CRYPTO MAP

R1(config)# crypto map CRYPTMAP 1 ipsec-isakmp
R1(config-crypto-map)# set peer 1.1.1.2
R1(config-crypto-map)# set transform-set IPSEC
R1(config-crypto-map)# match address 101

APPLY CRYPTO MAP TO THE PUBLIC INTERFACE

R1(config)# interface GigabitEthernet0/0
R1(config-if)# crypto map CRYPTMAP


Reference




hardware/cisco/ipsec-vpn.html.txt · Last modified: 2019/06/08 by admin

Page Tools