site-to-site vpn

From: Cisco Fanatic <ebay_products_at_hotmail.com>
Date: Tue, 19 Oct 2010 16:24:44 -0700

I am trying to configure a site-to-site VPN on an ASA. I don't have access to the
other side of the equipment so can't really, but the person has been generous
enough to share the parameters which I need to configure on my end to make it work. I
just have a couple of hrs to get it working so that I can check it off my list of things
to do from my CCIE standpoint :(-.

Appreciate any help.

What I am trying to do is that there is a remote server - 66.94.3.71 and I
have a local server 10.15.10.45 which should be seen by the outside world as
38.105.120.78.

[Local] --- 38.105.120.66 --- INTERNET --- 97.65.105.5 -- [Remote] --- 66.94.3.71
!
!
38.105.120.78
!
[10.15.10.45]

Config
++++

name 10.15.10.45 SM-internal
name 38.105.120.78 SM-external

static (inside,outside) SM-external SM-internal netmask 255.255.255.255

object-group network mob_SM_Networks
 network-object 66.94.3.71 255.255.255.255

object-group service SM tcp
 port-object eq 9071

crypto isakmp enable outside

crypto isakmp policy 1
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400

access-list outside_SM extended permit tcp host SM-internal host 66.94.3.71 object-group SM

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto map outside_map 1 match address outside_SM
crypto map outside_map 1 set peer 66.94.3.71
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map 1 set security-association lifetime seconds 3600

tunnel-group 66.94.3.71 type ipsec-l2l
tunnel-group 66.94.3.71 ipsec-attributes
 pre-shared-key *

Thanks,
-Yuri

Received on Tue Oct 19 2010 - 16:24:44 ART
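
Added example, not part of the original post: a small Python cross-reference check for the crypto map lines of an ASA L2L configuration, run here over the crypto-related lines exactly as posted (the post may not show the full running config). The function name `check_l2l` and the set of checks are assumptions made for this illustration; it only verifies that each crypto map entry has an ACL, peer and transform-set, that the referenced objects are defined, that a matching `ipsec-l2l` tunnel-group exists, and that the map is applied with `crypto map <name> interface <ifname>`.

```python
import re

# Crypto-related lines copied from the post above (wrapped ACL line rejoined).
POSTED = """\
crypto isakmp enable outside
access-list outside_SM extended permit tcp host SM-internal host 66.94.3.71 object-group SM
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map outside_map 1 match address outside_SM
crypto map outside_map 1 set peer 66.94.3.71
crypto map outside_map 1 set transform-set ESP-3DES-SHA
crypto map outside_map 1 set security-association lifetime seconds 3600
tunnel-group 66.94.3.71 type ipsec-l2l
tunnel-group 66.94.3.71 ipsec-attributes
 pre-shared-key *
"""

def check_l2l(config):
    """Return a list of findings for static crypto map entries in an ASA config."""
    lines = [l.strip() for l in config.splitlines()]
    acls = {l.split()[1] for l in lines if l.startswith("access-list ")}
    tsets = {l.split()[3] for l in lines if l.startswith("crypto ipsec transform-set ")}
    groups = {l.split()[1] for l in lines if re.match(r"tunnel-group \S+ type ipsec-l2l$", l)}
    bound = {l.split()[2] for l in lines if re.match(r"crypto map \S+ interface \S+$", l)}
    entries = {}  # (map name, sequence) -> {"acl": ..., "peer": ..., "tset": ...}
    for l in lines:
        m = re.match(r"crypto map (\S+) (\d+) (match address|set peer|set transform-set) (\S+)", l)
        if m:
            key = {"match address": "acl", "set peer": "peer", "set transform-set": "tset"}[m.group(3)]
            entries.setdefault((m.group(1), int(m.group(2))), {})[key] = m.group(4)
    findings = []
    for (name, seq), e in sorted(entries.items()):
        tag = f"crypto map {name} {seq}"
        for key in ("acl", "peer", "tset"):
            if key not in e:
                findings.append(f"{tag}: no {key} configured")
        if "acl" in e and e["acl"] not in acls:
            findings.append(f"{tag}: access-list {e['acl']} is not defined")
        if "tset" in e and e["tset"] not in tsets:
            findings.append(f"{tag}: transform-set {e['tset']} is not defined")
        if "peer" in e and e["peer"] not in groups:
            findings.append(f"{tag}: no ipsec-l2l tunnel-group named {e['peer']}")
    for name in sorted({n for n, _ in entries} - bound):
        findings.append(f"crypto map {name}: not applied to any interface")
    return findings

if __name__ == "__main__":
    for f in check_l2l(POSTED):
        print(f)
```

The check is purely structural: it does not judge whether the peer address or the ACL contents are the right ones for the topology, only whether the pieces reference each other consistently.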