Advertisement

04.01.2008 at 10:11PM PDT, ID: 23288175
[x]
Attachment Details

Do I need to disable the VPN tunnel when switching to VWIC-2MFT-T1?

Asked by gmruddel in Miscellaneous Networking

Tags: CISCO 2811 IOS Version 12.4

Using a 2811 router w/IOS Version 12.4, and we are adding 2 VWIC-2MFT-T1's to trunk four T1's together.  Should I disable the VPN Tunnel 0 as we will no longer need a VPN?  If so how do I disable the Tunnel 0?

Router Config is as follows...note IP and Username have been blanked ##.  Also crypto vpn map is enabled for FE 0/0.  Do I need to remove this as well?  If so how do I?
!
crypto pki trustpoint TP-self-signed-1652894264
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-1652894264
 revocation-check none
 rsakeypair TP-self-signed-1652894264
!
!
crypto pki certificate chain TP-self-signed-1652894264
 certificate self-signed 01 nvram:IOS-Self-Sig#3401.cer
username ##### privilege 15 secret 5 ########
!
!
!
crypto isakmp policy 1
 authentication pre-share
crypto isakmp key ### address ##.###.###.###
crypto isakmp keepalive 600 5
!
!
crypto ipsec transform-set vpn-trans esp-aes esp-sha-hmac
!
crypto ipsec transform-set vpn-trans esp-aes esp-sha-hmac
!
crypto map vpnmap 1 ipsec-isakmp
 set peer ##.###.###.###
 set transform-set vpn-trans
 match address 101
!
interface Tunnel0
 bandwidth 1000
 ip address 10.10.1.2 255.255.255.252
 ip accounting output-packets
 load-interval 30
 tunnel source ##.##.##.##
 tunnel destination ##.##.###.###
 crypto map vpnmap
!
interface FastEthernet0/0
 ip address ##.##.##.# 255.255.255.224
 ip nat outside
 ip virtual-reassembly
 load-interval 30
 duplex full
 speed 100
 crypto map vpnmap
!
interface FastEthernet0/1    
 load-interval 30  
 ip address 10.10.100.3 255.255.255.0  
 speed 100          
 crypto map v
 ip nat inside        
!
 redistribute rip
 passive-interface FastEthernet0/0
 network 10.0.0.0
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 ##.###.#.##
ip route 0.0.0.0 0.0.0.0 ##.###.##.##!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 101 permit gre host ##.###.##.# host ##>##interface FastEthernet0/1    
 load-interval 30  
 ip address 10.10.100.3 255.255.255.0  
 speed 100          
 crypto map v
 ip nat inside        
!
 redistribute rip
 passive-interface FastEthernet0/0
 network 10.0.0.0
 no auto-summary
!
ip classless
ip route 0.0.0.0 0.0.0.0 ###.#.###.#
ip route 0.0.0.0 0.0.0.0 ##.###.##.###
!
!
ip http server
ip http access-class 23
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 101 permit gre host ##.###.#.## host ##.##.###.###
access-list 101 permit gre host ##.###.###.### host ##.###.###.###
snmp-server community public view v1default RO
!
!
access-list 101 permit gre host ##.##.###.## host ##.###.###.###
snmp-server community public view v1default RO
!
!Start Free Trial
[+][-]04.02.2008 at 01:25AM PDT, ID: 21260990

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Miscellaneous Networking
Tags: CISCO 2811 IOS Version 12.4
Sign Up Now!
Solution Provided By: trinak96
Participating Experts: 2
Solution Grade: A
 
 
[+][-]04.02.2008 at 11:42AM PDT, ID: 21266073

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.03.2008 at 04:24AM PDT, ID: 21271310

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 7-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]04.03.2008 at 10:40AM PDT, ID: 21274936

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 7-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]04.09.2008 at 03:49PM PDT, ID: 21319919

Experts Exchange has a courteous staff of administrators who help members get the most out of the website by means of administrative comments like this one.

Start your 7-day free trial to view this Administrative Comment or ask the Experts your question.

 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_2_20070628