Hi,
I am playing in Dynamip for Basic Site to Site IPSec VPN (IOS-IOS) using
narbik Site-to-Site VPN workbook
I couldn't able to up the IPSec Tunnel, I am not sure what mistake I
did�.Here is the config
Both routers directly connected and the IOS is
c3725-adventerprisek9-mz.124-15.T9.BIN
R1
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.0
!
interface FastEthernet0/1
ip address 10.10.10.1 255.255.255.0
duplex auto
speed auto
crypto map CMAP
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 6 CISCO321 address 10.10.10.2
!
!
crypto ipsec transform-set TSET esp-3des esp-md5-hmac
!
crypto map CMAP 10 ipsec-isakmp
set peer 10.10.10.2
set transform-set TSET
match address 120
!
!
access-list 120 permit ip 1.1.1.0 0.0.0.255 4.4.4.0 0.0.0.255
R2
!
interface Loopback0
ip address 4.4.4.4 255.255.255.0
!
interface FastEthernet0/1
ip address 10.10.10.2 255.255.255.0
duplex auto
speed auto
crypto map CMAP
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key 6 CISCO321 address 10.10.10.1
!
!
crypto ipsec transform-set TSET esp-3des esp-md5-hmac
!
crypto map CMAP 10 ipsec-isakmp
set peer 10.10.10.1
set transform-set TSET
match address 121
!
access-list 121 permit ip 4.4.4.0 0.0.0.255 1.1.1.0 0.0.0.255
Rack1R2#sh crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
IPv6 Crypto ISAKMP SA
Thats it I got
!
I enabled Debug on both side�.
debug crypto ipsec
debug crypto isakmp
got nothing...
Anyone point me what mistake I done�.
I appreciate your input
Thanks
Andrew
Blogs and organic groups at http://www.ccie.net
Received on Mon Oct 25 2010 - 20:19:43 ART