From: Eric Zarling (EZARLING@xxxxxxxxxxx)
Date: Thu Jan 13 2000 - 16:21:41 GMT-3
Hi all,
I am trying to get encryption working between two routers connected back-to-bac
k. I am not trying IPSec, just encryption through a GRE tunnel. I have follow
ed Cisco's Doc to the letter and am not getting anywhere. Since my next lab it
h 1/21, I am stressing just a little bit. Any and all help is greatly apprecia
ted.
Router configs:
version 11.3
hostname R6
!
ipx routing 0006.0006.0006
ipx internal-network 600000
!
crypto key pubkey-chain dss
named-key eric signature
serial-number C86F2300
key-string
60E63599 BF72A5B1 B2DB6EF3 B8E147B2 B8C6275B 3C5F1D12 88EDB1C3 12F26224
636E0BEA EEA2351B 91F512BA 53CF06CF AEF54031 59134322 BB7E58E1 B485247D
quit
!
crypto map linda 10
set peer eric
match address linda
clock timezone CST -6
!
interface Tunnel0
no ip address
ipx network 8006
ipx nlsp enable
tunnel source Serial0/0
tunnel destination 137.20.86.1
crypto map linda
!
interface Ethernet0/0
ip address 137.20.64.6 255.255.240.0
ipx network 695
!
interface Serial0/0
ip address 137.20.86.2 255.255.255.0
crypto map linda
!
ip access-list extended linda
permit gre host 137.20.86.2 host 137.20.86.1
!
!
ipx router nlsp
area-address 0 0
redistribute eigrp 1
!
!
ipx router rip
no network 60000
no network 8006
no network 695
!
!
ipx sap 4 R6File 60000.0000.0000.0001 451 2
ipx sap 7 R6Print 60000.0000.0000.0001 451 2
!
line con 0
exec-timeout 0 0
privilege level 15
line vty 0 4
exec-timeout 0 0
privilege level 15
no login
!
ntp server 137.20.100.33
no scheduler allocate
end
R6#sh cry cisc conn
Pending Connection Table
PE UPE Timestamp Conn_id
137.20.86.2 137.20.86.1 Jan 13 2000 13:04:20 -8
Connection Table
PE UPE Conn_id New_id Algorithm Time
137.20.86.2 137.20.86.1 -8 8 UNKNOWN Not yet set
flags:XCHG_KEYS PEND_CONN
R6#sh cry map
Crypto Map "linda" 10 cisco
Peer = eric
PE = 137.20.86.2
UPE = 137.20.86.1
Extended IP access list linda
access-list linda permit gre host 137.20.86.2 host 137.20.86.1
Connection Id = -8 (8 established, 0 failed)
-------------------------------------------------------------------------------
-----------------------------------------
version 11.3
hostname R8
!
ipx routing 0008.0008.0008
ipx internal-network 800000
!
crypto key pubkey-chain dss
named-key linda signature
serial-number 8FBD327B
key-string
7417138F C00473E9 B0A0EB60 3872C8E8 C2A7387F AF627364 94AA187A 2E2E725F
09933E77 C20C96F3 EA4A133B 25808F3D 1F10DF13 F7DB20A9 95E62170 97353B2B
quit
!
crypto map eric 10
set peer linda
match address eric
interface Tunnel0
no ip address
ipx network 8006
ipx nlsp enable
tunnel source Serial0/0
tunnel destination 137.20.86.2
crypto map eric
!
interface Ethernet0/0
ip address 137.20.82.1 255.255.255.0
ipx network 800
ipx network 810 encapsulation SAP secondary
ipx nlsp enable
!
interface Serial0/0
ip address 137.20.86.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
clockrate 2000000
crypto map eric
!
interface Ethernet0/1
ip address 137.20.81.1 255.255.255.0
ipx network 801
ipx nlsp enable
!
ip access-list extended eric
permit gre host 137.20.86.1 host 137.20.86.2
!
ipx router nlsp
area-address 0 0
!
line con 0
exec-timeout 0 0
privilege level 15
transport input none
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 15
no login
!
R8#sh cry cis conn
Pending Connection Table
PE UPE Timestamp Conn_id
137.20.86.1 137.20.86.2 Jan 13 2000 13:05:10 -7
Connection Table
PE UPE Conn_id New_id Algorithm Time
137.20.86.1 137.20.86.2 -7 7 UNKNOWN Not yet set
flags:XCHG_KEYS PEND_CONN
R8#sh cry map
Crypto Map "eric" 10 cisco
Peer = linda
PE = 137.20.86.1
UPE = 137.20.86.2
Extended IP access list eric
access-list eric permit gre host 137.20.86.1 host 137.20.86.2
Connection Id = -7 (7 established, 0 failed)
Eric Zarling CCNP
IKON Office Solutions - Milwaukee
(414)577-6600
ezarling@mis-usc.com
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:22:44 GMT-3