Table of Contents
Advertisement
Chapter 7
Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation
Command or Action
Step 5
crypto map map-name
Example:
Router(config-if)# crypto map static-map
Router(config-if)#
Step 6
exit
Example:
Router(config-if)# exit
Router(config)#
Step 7
ip access-list {standard | extended}
access-list-name
Example:
Router(config)# ip access-list extended
vpnstatic1
Router(config-ext-nacl)#
Step 8
permit protocol source source-wildcard
destination destination-wildcard
Example:
Router(config-ext-nacl)# permit gre host
192.168.100.1 host 192.168.101.1
Router(config-ext-nacl)#
Step 9
exit
Example:
Router(config-ext-nacl)# exit
Router(config)#
Configuration Example
The following configuration example shows a portion of the configuration file for a VPN using a GRE
tunnel scenario described in the preceding sections.
!
aaa new-model
!
aaa authentication login rtr-remote local
aaa authorization network rtr-remote local
aaa session-id common
!
username cisco password 0 cisco
!
interface tunnel 1
OL-14210-01
ip address 10.62.1.193 255.255.255.252
Purpose
Assigns a crypto map to the tunnel.
Note
Dynamic routing or static routes to the
tunnel interface must be configured to
establish connectivity between the sites.
See the
Guide
for details.
Exits interface configuration mode, and returns to
global configuration mode.
Enters ACL configuration mode for the named
ACL that is used by the crypto map.
Specifies that only GRE traffic is permitted on the
outbound interface.
Returns to global configuration mode.
Cisco Secure Router 520 Series Software Configuration Guide
Configuration Example
Cisco IOS Security Configuration
7-9
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
