JohanPersson.nu

My Digital Brain

Cisco Pix – Standard Site-To-Site VPN Setup

Written by

Johan

in

sysopt connection permit-ipsec
access-list CRYPTO-TO-SOLNA permit ip 192.168.200.0 255.255.255.0 192.168.100.0 255.255.255.0
access-list NAT-0 permit ip 192.168.200.0 255.255.255.0 192.168.100.0 255.255.255.0

nat (inside) 0 access-list NAT-0
isakmp enable outside
isakmp policy 100 encryption 3des
isakmp policy 100 hash sha
isakmp policy 100 authentication pre-share
isakmp policy 100 group 1
isakmp policy 100 lifetime 86400
isakmp key 1234567890 address 212.75.70.2
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SOLNA 10 ipsec-isakmp
crypto map SOLNA 10 match address CRYPTO-TO-SOLNA
crypto map SOLNA 10 set peer 212.75.70.2
crypto map SOLNA 10 set transform-set ESP-3DES-SHA
crypto map SOLNA 10 set pfs group1
crypto map SOLNA 10 set security-association lifetime seconds 28800
crypto map SOLNA interface outside

sysopt connection permit-ipsec
access-list CRYPTO-TO-STHLM permit ip 192.168.100.0 255.255.255.0 192.168.200.0 255.255.255.0
access-list NAT-0 permit ip 192.168.100.0 255.255.255.0 192.168.200.0 255.255.255.0

nat (inside) 0 access-list NAT-0
isakmp enable outside
isakmp policy 100 encryption 3des
isakmp policy 100 hash sha
isakmp policy 100 authentication pre-share
isakmp policy 100 group 1
isakmp policy 100 lifetime 86400
isakmp key 1234567890 address 212.75.71.2
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto map SOLNA 10 ipsec-isakmp
crypto map SOLNA 10 match address CRYPTO-TO-STHLM
crypto map SOLNA 10 set peer 212.75.71.2
crypto map SOLNA 10 set transform-set ESP-3DES-SHA
crypto map SOLNA 10 set pfs group1
crypto map SOLNA 10 set security-association lifetime seconds 28800
crypto map SOLNA interface outside

 

Comments

Leave a Reply

To respond on your own website, enter the URL of your response which should contain a link to this post's permalink URL. Your response will then appear (possibly after moderation) on this page. Want to update or remove your response? Update or delete your post and re-enter your post's URL again. (Find out more about Webmentions.)

More posts