From: Andre Scalco (andre.scalco@gmail.com)
Date: Mon May 01 2006 - 19:46:34 ART
Guys,
I'm trying to setup EZVPN Router to Router. Nothing fancy, straight back to
back between two routers.
Please see config below.
EZVPN Server: R6
aaa new-model
!
!
aaa authorization network NADA local
crypto isakmp policy 10
hash md5
authentication pre-share
!
crypto isakmp client configuration group MyVPN
key tempo
dns 195.1.111.53
wins 195.1.111.54
domain tempo.com
pool Customer
!
crypto ipsec transform-set TSEC esp-des esp-md5-hmac
!
crypto dynamic-map DYNAMO 10
set transform-set TSEC
reverse-route
!
!
crypto map SECURE isakmp authorization list NADA
crypto map SECURE client configuration address respond
crypto map SECURE 10 ipsec-isakmp dynamic DYNAMO
!
!
ip local pool Customer 195.1.111.201 195.1.111.225
!
interface Serial0/0/0
ip address 151.100.5.6 255.255.255.0
crypto map SECURE
!
=====
EZVPN Client: R7
!
crypto ipsec client ezvpn EZ
connect auto
group MyVPN key tempo
mode client
peer 151.100.5.6
!
!
interface Loopback22
ip address 10.22.22.22 255.255.255.0
crypto ipsec client ezvpn EZ inside
!
interface SER0/0/0
ip address 151.100.5.7 255.255.255.0
crypto ipsec client ezvpn EZ
!
===
My Questions are:
Shouldn't I be able to see ISAKMP SA established? I do show crypto isakm sa
and I don't see anything in there. Also I'm kind of confuse of how to test
it, should I ping from the client (R6 Lo22) to the Seri0/0/0 of the EZVPN
Server?
Appreciate any input
Andre
This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:20 ART