LAB 8A: Configuring IPSEC VPNs between sites
LAB 8A: Configuring IPSEC VPNs between sites on the UC520
Lab 8B covers inter site dialing – to configure the underlying IPSEC VPNs between sites please refer to
the below link:
IPSEC with QoS:
http://www.cisco.com/en/US/products/ps6635/products_white_paper09186a0080189080.shtml
A sample config for an EVEN POD (POD 12) to an ODD POD (POD 11) is shown below
NOTE: WAN IP for EVEN POD is 1.1.100.12 and for ODD POD is 1.1.100.11
!
crypto isakmp policy 1
authentication pre-share
group 2
crypto isakmp key sbcs address 1.1.100.11
!
!
crypto ipsec transform-set vpn-test esp-3des esp-sha-hmac
!
!
crypto map vpn 6 ipsec-isakmp
set peer 1.1.100.11
set transform-set vpn-test
match address 199
!
!
!
interface FastEthernet0/0
ip address 1.1.100.12 255.255.255.0
crypto map vpn
!
!
!
access-list 199 permit ip 10.1.1.0 255.255.255.0 any
access-list 199 permit ip 1.1.100.12 255.255.255.0 any