i am sorry in fact my question is not the actual one ...... the original Rames's question : *********** Folks,
Would appreciate if anyone can explain the basics of VPN(Ipsec). >I got a Ipsec running between two pix.What really happens > > when a packet arrives at the interface?I need the entire process... Cheers i solve my quetion ......thanks.......... ************** now 2 router can talk each other ipsec from lan interface.... my error is router 1(right before): crypto isakmp key zisco address 192.168.2.70 (the peer ip) router 2 wrong before : crypto isakmp key zisco address 192.168.2.70 (the peer ip) router2 right now : crypto isakmp key zisco address 192.168.2.69 (the peer ip) ramesh c wrote: >Oops,Guess we deviated from the actual question.Would appreciate if anyone >could anwser the same. > >Cheers >-- > >On Tue, 17 Dec 2002 18:04:44 > Daniel Cotts wrote: > > >>You are providing a config that shows the "WAN" link that connects the two >>routers. Do you also have a "LAN" side to each of those routers? That is >>where your host computers would reside. The addresses for the "LAN" are what >>is expected in access-list 100. Sort of FastEthernet 0/1 ip address >>172.16.1.1 etc. Maybe use 172.16.2.1 on the other router's LAN. >>access-list 100 permit ip 172.16.1.0 0.0.0.255 172.16.2.0 0.0.0.255 >>If you do a test ping to open the VPN tunnel use an extended ping with the >>source address of your "LAN" interface. More fun to use PCs on each end. >>HTH >> >> >> >>>-----Original Message----- >>>From: Selcuk Kardes [mailto:[EMAIL PROTECTED]] >>>Sent: Tuesday, December 17, 2002 11:09 AM >>>To: [EMAIL PROTECTED] >>>Subject: Re: IPsec basics?? [7:59358] >>> >>> >>>Hi Alaerte, >>> >>>http://www.cisco.com/warp/public/707/17.html#Sec3.1 >>>this link and your suggested configuration and also my >>>confuguration are >>>all same ... >>>but my confuguration doesn't work ..... >>>i am working .... >>> >>>thanks for help... >>>Selcuk >>> >>>my configuration is: >>> >>>Current configuration: >>>! >>>version 12.1 >>>hostname test >>>crypto isakmp policy 1 >>> authentication pre-share >>> lifetime 3000 >>>crypto isakmp key cisco address 192.168.2.70 >>>! >>>! >>>crypto ipsec transform-set mytransform esp-des esp-md5-hmac >>>! >>>crypto map mycrypto 10 ipsec-isakmp >>> set peer 192.168.2.70 >>> set transform-set mytransform >>> match address 100 >>>! >>>interface FastEthernet0/0 >>> ip address 192.168.2.69 255.255.255.192 >>> duplex auto >>> speed auto >>> crypto map mycrypto >>>! >>>ip classless >>>ip route 0.0.0.0 0.0.0.0 192.168.2.97 >>>no ip http server >>>! >>>access-list 100 permit ip host 192.168.2.69 host 192.168.2.70 >>> >>> >>>[EMAIL PROTECTED] wrote: >>> >>> >>> >>>>Hi, >>>> >>>>Here is an example: >>>> >>>>crypto isakmp policy 1 >>>>authentication pre-share >>>>lifetime 3000 >>>>crypto isakmp key cisco address 192.168.14.2 >>>>! >>>>crypto ipsec transform-set mytransform esp-des esp-md5-hmac >>>>! >>>>crypto map mycrypto local-address Serial0.14 >>>>crypto map mycrypto 10 ipsec-isakmp >>>>set peer 192.168.14.2 >>>>set transform-set mytransform >>>>match address 100 >>>>! >>>>interface Loopback1 >>>>ip address 1.1.1.1 255.255.255.0 >>>>! >>>>interface Serial0.14 point-to-point >>>>ip address 192.168.14.1 255.255.255.0 >>>>frame-relay interface-dlci 114 >>>>crypto map mycrypto >>>>! >>>>router ospf 1 >>>>log-adjacency-changes >>>>network 0.0.0.0 255.255.255.255 area 0 >>>>! >>>>ip classless >>>>ip http server >>>>! >>>>access-list 100 permit icmp host 1.1.1.1 host 4.4.4.4 >>>> >>>> >>>>Regards, >>>> >>>>Alaerte >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>>"Selcuk Kardes" @groupstudy.com em 17/12/2002 >>>>08:11:51 >>>> >>>>Favor responder a "Selcuk Kardes" >>>> >>>>Enviado Por: [EMAIL PROTECTED] >>>> >>>> >>>>Para: [EMAIL PROTECTED] >>>>cc: >>>> >>>>Assunto: Re: IPsec basics?? [7:59358] >>>> >>>> >>>>hi, >>>>i am trying now to run ipsec between two router >>>>is there anybody have basic running konfigurasyon.... >>>>now i am looking cisco's ipsec pages >>>>but yet i can't accomplisht this issue >>>> >>>> >>>>ramesh c wrote: >>>> >>>> >>>> >>>> >>>> >>>>>Folks, >>>>>Would appreciate if anyone can explain the basics of VPN(Ipsec). >>>>> >>>>>I got a Ipsec running between two pix.What really happens >>>>> >>>>> >>>when a packet >>> >>> >>>>>arrives at the interface?I need the entire process... >>>>> >>>>>Cheers >>>>> >>>>> >>>>>_____________________________________________________________ >>>>>Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year. >>>>>http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus >>>>> >>>>> >>>>> >>>>> >>>>Virus taramasi Is Net tarafindan yapilmistir. >>>>This e-mail is checked by Is Net against all known types of viruses. >>>>Is Net'in YILBASI HEDIYE kampanyasini duymus muydunuz? >>>>http://www.isnet.net.tr/hediyesepeti/index2.html >>>> >>>> >_____________________________________________________________ >Get 25MB, POP3, Spam Filtering with LYCOS MAIL PLUS for $19.95/year. >http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus Virus taramasi Is Net tarafindan yapilmistir. This e-mail is checked by Is Net against all known types of viruses. Is Net'in YILBASI HEDIYE kampanyasini duymus muydunuz? http://www.isnet.net.tr/hediyesepeti/index2.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=59466&t=59358 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
