From: kym blair (kymblair@xxxxxxxxxxx)
Date: Wed Apr 17 2002 - 01:30:35 GMT-3
IPSEC works great with the below config when applied to a physical serial
link, but when I apply it to a working tunnel, it doesn't work. I've tried
a variety of address combinations but still can't get it. Can anyone solve
this? Here are the configs:
ROUTER3:
crypto isakmp policy 10
authentication pre-share
crypto isakmp key CCIE address 148.8.8.8
crypto ipsec transform-set XFRM esp-des esp-sha-hmac
access-list 138 permit ip host 148.8.8.3 host 148.8.8.8
crypto map CCIEMAP 10 ipsec-isakmp
set peer 148.8.8.8
set transform-set XFRM
match address 138
!
interface Tunnel8
ip address 148.8.8.3 255.255.255.0
tunnel source 33.3.3.3
tunnel destination 172.28.2.8
crypto map CCIEMAP
ROUTER8:
crypto isakmp policy 1
authentication pre-share
crypto isakmp key CCIE address 148.8.8.3
crypto ipsec transform-set XFRM esp-des esp-sha-hmac
access-list 138 permit ip host 148.8.8.8 host 148.8.8.3
!
crypto map CCIEMAP 10 ipsec-isakmp
set peer 148.8.8.3
set transform-set XFRM
match address 138
!
interface Tunnel8
ip address 148.8.8.8 255.255.255.0
tunnel source 172.28.2.8
tunnel destination 33.3.3.3
crypto map CCIEMAP
TIA, Kym
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:58:11 GMT-3