Hi,I have a cisco 887VA router. I have configured WAN over ADSL. I need to configure IPSEC to connect this site to another site. Please help me with the configuration. I am attaching the configuration on router.version 15.1 no service pad service tcp-keepalives-in service timestamps debug datetime msec service timestamps log datetime msec service password-encryptionboot-start-marker boot-end-markerno aaa new-model memory-size iomem 10 clock timezone NZST 12 0 crypto pki token default removal timeout 0! no ip source-route !ip dhcp pool DHCP-LAN network x.x.x.x y.y.y.y default-router x.x.x.x lease 0 3 ! ! ip cef ip domain name ip name-server x.x.x.x no ipv6 cef ! ! license udi pid CISCO887VA-K9 controller VDSL 0 ! ! ! crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 2 crypto isakmp key cvccv address x.x.x.x ! ! crypto ipsec transform-set test esp-3des esp-md5-hmac ! crypto map map 1 ipsec-isakmp set peer x.x.x.x set security-association lifetime seconds 86400 set transform-set test match address acl !! interface Ethernet0 no ip address shutdown no fair-queue ! interface ATM0 no ip address no atm ilmi-keepalive pvc 0/100 encapsulation aal5mux ppp dialer dialer pool-member 1 ! ! interface FastEthernet0 no ip address ! interface FastEthernet1 no ip address ! interface FastEthernet2 no ip address ! interface FastEthernet3 no ip address ! interface Vlan1 ip address x.x.x.x y.y.y.y ip nat inside ip virtual-reassembly in ! interface Dialer0 ip address negotiated ip nat outside ip virtual-reassembly in encapsulation ppp dialer pool 1 ppp pap sent-username dsgvdv password daffv crypto map map ! ip forward-protocol nd no ip http server no ip http secure-server ! ip nat inside source list 1 interface Dialer0 overload ip route 0.0.0.0 0.0.0.0 Dialer0 ! ip access-list extended acl permit ip x.x.x.x y.y.y.y ! access-list 1 permit x.x.x.x y.y.y.yline con 0 line aux 0 line vty 0 4 login transport input all ! end
↧