From: garry baker (fallow46@xxxxxxxxx)
Date: Mon May 28 2001 - 02:15:54 GMT-3
Guys,
i am trying to get a ipsec to work over a gre tunnel,
the tunnel works fine but when i add the ipsec i am
unable to ping the other end of the tunnel. all i am
trying to achieve is to be able to ping the other end
of the tunnel. i went through the post from last week
that was similar but still could not fix my problem.
i have three routers connected with the outer two
acting as the tunnel endpoints. i have pasted the
relevant config details. could someone point me in the
right direction?
Garry
r6
crypto isakmp policy 1
authentication pre-share
crypto isakmp key 123456 address 64.108.4.9
crypto isakmp key 12345 address 64.108.68.8
crypto map test local-address Tunnel0
crypto map test 10 ipsec-isakmp
set peer 64.180.68.8
set transform-set test
match address 150
!
interface Tunnel0
ip address 64.108.68.6 255.255.255.0
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
tunnel source 64.108.9.2
tunnel destination 64.108.1.34
crypto map test
interface Serial0/1
ip address 64.108.9.2 255.255.255.240
no ip directed-broadcast
ip pim sparse-mode
encapsulation ppp
ip ospf interface-retry 0
ip igmp join-group 226.10.10.1
ip igmp join-group 226.1.1.10
crypto map test
access-list 150 permit ip host 64.108.68.6 host
64.108.68.8
r8
crypto isakmp policy 1
authentication pre-share
crypto isakmp key 12345 address 64.108.68.6
!
!
crypto ipsec transform-set test esp-des
!
!
crypto map test local-address Tunnel0
crypto map test 10 ipsec-isakmp
set peer 64.108.68.6
set transform-set test
match address 150
interface Tunnel0
ip address 64.108.68.8 255.255.255.0
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
tunnel source 64.108.1.34
tunnel destination 64.108.9.2
crypto map test
!
interface Ethernet0/0
ip address 64.108.1.34 255.255.255.224
no ip directed-broadcast
ip pim sparse-mode
crypto map test
access-list 150 permit ip host 64.108.68.8 host
64.108.68.6
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:30:55 GMT-3