Hereby a working ipsec config, which i made last week for a customer, fully
tested and working,
hope you can fix your problem with it.
rgds,\
R. Boussebaa
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
crypto isakmp key XXXXXXXX address xx.xx.xx.xx
!
!
crypto ipsec transform-set ipsec-tunnel-sap esp-3des esp-md5-hmac
!
crypto map ipsec-tunnel-sap local-address Dialer 0 (source address of
dialer0)
crypto map ipsec-tunnel-sap 10 ipsec-isakmp
description SAP ISP BByond
set peer xxx.xx.xx.xx
set transform-set ipsec-tunnel-sap
set pfs group2
match address IPSEC_tunnel_SAP
!
interface Dialer0
crypto map ipsec-tunnel-sap
!
ip access-list extended IPSEC_tunnel_SAP
permit ip 10.1.0.0 0.0.0.255 192.168.50.0 0.0.0.255 (ip range of peer)
permit ip 10.1.0.0 0.0.0.255 host xx.xx.xx.xx. (peer address
----- Original Message -----
From: "Amol Sapkal"
To:
Sent: Monday, September 04, 2006 11:39 AM
Subject: Re: IPSEC problem [7:113285]
> Yes, encryption ( and hash too) needs to be mentioned.
>
> Something like:
>
> crypto isakmp policy 100
> crypto isakmp key ****** address 1.2.3.4
> group 1
> authentication pre-share
> encryption des (or 3des)
>
>
>
> HTH,
> Amol
>
>
> On 9/4/06, Amol Sapkal wrote:
>>
>> Hi,
>>
>>
>>
>> On 9/4/06, Rich Hernandez wrote:
>> >
>> > My crypto policy looks like this. Note the "encr 3des" and "group 2"
>>
>>
>>
>> I don't think that is necessary. It will automatically default to "group
>> 1", if not explicitly mentioned.
>>
>>
>>
>>
>>
>> You may have to add these. Other than that your config looks OK. I'm not
>> > using tunnels though and there may be something needed that I don't
>> > use.
>> >
>> > Good luck.
>>
>> crypto isakmp policy 1
>> > encr 3des
>> > authentication pre-share
>> > group 2
>> --
>> Warm regards,
>>
>> Amol Sapkal
>>
>> -------------------------------------------------------------------
>> "When I'm not in my right mind, my left mind
>> gets pretty crowded"
>> -------------------------------------------------------------------
>>
>
>
>
> --
> Warm regards,
>
> Amol Sapkal
>
> -------------------------------------------------------------------
> "When I'm not in my right mind, my left mind
> gets pretty crowded"
> -------------------------------------------------------------------
Disclaimer
************************************************************************
Aan dit bericht kunnen geen rechten worden ontleend. Dit bericht is
uitsluitend bestemd voor de geadresseerde. Als u dit bericht per abuis
hebt ontvangen, wordt u verzocht het te vernietigen en de afzender te
informeren. Wij adviseren u om bij twijfel over de juistheid of de
volledigheid van de mail contact met afzender op te nemen.
This message shall not constitute any rights or obligations.
This message is intended solely for the addressee.
If you have received this message in error, please delete it and
notify the sender immediately. When in doubt whether this message
is correct or complete, please contact the sender.
************************************************************************
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=113330&t=113285
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
