Cisco Systems C819GUK9 Router User Manual


 
Cisco 819 Series Integrated Services Routers Software Configuration Guide
OL-23590-02
Chapter 9 Configuring Security Features
Configuring VPN
Configuration Example
The following configuration example shows a portion of the configuration file for the VPN using a GRE
tunnel scenario described in the preceding sections:
!
aaa new-model
!
aaa authentication login rtr-remote local
aaa authorization network rtr-remote local
aaa session-id common
!
username cisco password 0 cisco
!
! GRE tunnel interface
interface tunnel 1
 ip address 10.62.1.193 255.255.255.252
 tunnel source fastethernet 0
 tunnel destination 192.168.101.1
!
! Route the remote network through the tunnel
ip route 20.20.20.0 255.255.255.0 tunnel 1
!
crypto isakmp policy 1
 encryption 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group rtr-remote
 key secret-password
 dns 10.50.10.1 10.60.10.1
 domain company.com
 pool dynpool
!
crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
!
crypto ipsec security-association lifetime seconds 86400
!
crypto dynamic-map dynmap 1
 set transform-set vpn1
 reverse-route
!
crypto map static-map 1 ipsec-isakmp dynamic dynmap
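An added example, not part of the Cisco guide: a small Python audit that scans an IOS configuration such as the one above and flags a cleartext type 0 password and the algorithms Cisco's own guidance now classes as legacy (DES/3DES, Diffie-Hellman groups 1, 2 and 5). The rule set, the function name `audit` and the embedded sample (constructed from lines of the example above) are this example's assumptions.

```python
import re

# Constructed sample: lines copied from the configuration example above.
SAMPLE_CONFIG = """\
username cisco password 0 cisco
!
crypto isakmp policy 1
encryption 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group rtr-remote
key secret-password
!
crypto ipsec transform-set vpn1 esp-3des esp-sha-hmac
"""

# Commands that open a sub-mode. Extracted configs often lose indentation,
# so the sub-mode is tracked by command prefix rather than by leading spaces.
SECTION_STARTS = ("interface ", "crypto isakmp policy ",
                  "crypto isakmp client configuration group ", "crypto dynamic-map ")

# (required section, or None for any; pattern; finding). Hypothetical rule set.
RULES = [
    (None, re.compile(r"username (\S+) password 0 \S+"), "local password stored as type 0 (cleartext)"),
    ("crypto isakmp policy ", re.compile(r"encryption (des|3des)$"), "legacy IKE cipher"),
    ("crypto isakmp policy ", re.compile(r"group (1|2|5)$"), "legacy Diffie-Hellman group"),
    (None, re.compile(r"crypto ipsec transform-set \S+ .*\besp-(des|3des)\b"), "legacy ESP cipher"),
]

def audit(config_text):
    """Return (line_number, line, finding) tuples for weak settings."""
    findings, section = [], None
    for number, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("!"):
            section = None  # assumption: a "!" separator closes the sub-mode
            continue
        # Enter a new sub-mode if this line opens one, else stay where we are.
        section = next((p for p in SECTION_STARTS if line.startswith(p)), section)
        for rule_section, pattern, finding in RULES:
            if rule_section in (None, section) and pattern.match(line):
                findings.append((number, line, finding))
    return findings

if __name__ == "__main__":
    for number, line, finding in audit(SAMPLE_CONFIG):
        print(f"line {number}: {line!r}: {finding}")
```

Run against a saved `show running-config`, each finding points at a line to replace with a stronger setting the platform and peer both support.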
Command or Action / Purpose

Step 8
Command: permit protocol source source-wildcard destination destination-wildcard
Example:
Router(config-acl)# permit gre host 192.168.100.1 host 192.168.101.1
Router(config-acl)#
Purpose: Specifies that only GRE traffic is permitted on the outbound interface.

Step 9
Command: exit
Example:
Router(config-acl)# exit
Router(config)#
Purpose: Returns to global configuration mode.