Vs (config-crypto-map) # set peer 109.x.x.x Vs (config-crypto-map) # match address TunnelIPSec Vs (config) # crypto map cryptvpn 2 ipsec-isakmp Vs (config) # crypto map cryptvpn local-address tunnel 1 Vs (config) # crypto ipsec transform-set tansf3des ah-sha512-hmac esp-3des Vs (config) # ip access-list extended TunnelIPSec Vs (config) # crypto isakmp key SecretPassword address 109.x.x.x Vs (config) # crypto isakmp identity address Vs (config-isakmp) # authentication pre-share Vs(config-if)# tunnel destination 109.x.x.xĬonfigurin an IPSec Tunnel Creating IKE Policies Where am I wrong ? CONFIGURATION OF THE FIRST ROUTEUR Set up of the tunnel on site 1 (VS) So far for now I have understand and tryed this, following a cisco paper on this topic.īut it does not work. Now I want to establish a link between the 2 sites (Cevennes VS). The route 192.168.1.1 is the default route to internet. Nat activation (set it up, But will be active if the route is active) :Ĭevennes (config)# ip nat inside source route-map SFR interface gi8 overloadĬevennes (config)# ip nat inside source route-map Bouygues interface gi9 overload Vs (config)# ip nat inside source list 100 interface gi9 overloadĬevennes (config-if)#Description Lien secondaire BouyguesĬevennes (config-if)#ip address dhcp / ip address 192.168.2.100Ĭevennes (config-if)#Description Lien primaire SFRĬevennes (config-if)#ip address dhcp / ip address 192.168.1.100Ĭevennes (config-if)#ip address 192.168.100.254Īutorise the network 192.168.100.0 to any other networkĬevennes (config)# access-list 100 permit ip 192.168.100.0 0.0.0.255 anyĪutorise the access-list 100 on gi8 if route is active through gi8Ĭevennes (config)#route-map SFR permit 10Ĭevennes (config-route-map)# match ip address 100Ĭevennes (config-route-map)# match interface gi8Īutorise the access-list 100 on gi9 if route is active through gi9Ĭevennes (config)#route-map Bouygues permit 10Ĭevennes (config-route-map)# match interface gi9 Vs (config-if)#ip address dhcp (the Free boxe gives a static address 192.168.10.200) On site 1 (vs), I have basic configuration : I have not tested the ipsec protocol as for now, I have never been able to make it work. I have tested the GRE protocol on those boxes, It work fine. UDP Port 500, 4500 and 10 000 to the router On the SFR and Free Boxes, I have set the following port mapping : It needs to be set in normal mode.Īnother reason I can not set the Bouygues and free boxes into bridge mode is that this boxes give me services (TV and Telephone). I will not set the boxes (Free, SFR and Bouygues) in bridge mode as if I have any connection issue, the helpdesk of those company will not take into considaration any of my demand. So, all my networks are behind boxes that gives local addresses that can not be routed. In the attached file, You will find all the details of the network with figures.Īs some people will see, my network is in France. Hi, I have tryed to set up a tunnel between my 2 sites using GRE and IPSec technologies.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |