Daniel- I'm sure it can't be done with only one Ethernet Interface alone... even if you trunked the ethernet interface to a Switch and ran two Vlans that connected (routed) back together via another router (which would push the question of "what's the point").
But, Maybe a Loopback interface could suffice. Just a suggestion... as I'm still learning the ins-n-outs of IPSEC tunnels myself. Mark Odette II -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Daniel Kekai Sent: Tuesday, January 15, 2002 11:57 PM To: [EMAIL PROTECTED] Subject: ipsec set up [7:32130] Maybe someone can help me out. I have to configure ipsec on a cisco 2600. My company wants to use this for a vpn to one of our partners. My question is how do I configure this using only one ethernet port. (that's all that is on the 2600 we have) I came up with the following configs for both ends: (not sure if I can do it on one interface) side-- A: crypto isakmp policy 1 authentication pre-share hash md5 group 2 lifetime 43200 crypto isakmp key TEST address 209.111.111.28 crypto ipsec transform-set SETNAME esp-3des esp-md5-hmac crypto map vpnmap 10 ipsec-isakmp set peer 209.111.111.28 set transform-set form0 match address 101 interface fastEthernet A_inside ip address 199.199.75.x 255.255.255.x interface fastEthernet A_outside ip address 199.199.75.51 255.255.255.192 crypto map ourvpnmap access-list 101 permit ip 199.199.75.128 0.0.0.63 209.111.111.32 0.0.0.31 side-- B: crypto isakmp policy 1 authentication pre-share hash md5 group 2 lifetime 43200 crypto isakmp key TEST address 199.199.75.51 crypto ipsec transform-set SETNAME esp-3des esp-md5-hmac crypto map vpnmap 10 ipsec-isakmp set peer 199.199.75.51 set transform-set form0 match address 101 interface fastEthernet B_inside ip address 209.111.111.x 255.255.255.x interface fastEthernet B_outside ip address 209.111.111.28 255.255.255.224 crypto map ourvpnmap access-list 101 permit ip 209.111.111.32 0.0.0.31 199.199.75.128 0.0.0.63 any help would be appreciated... thanks -d _________________________________________________________________ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=32132&t=32130 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]