AymanDasa
asked on
configuration for cisco router to use VPN ?
I have only one problem; still I cannot use My VPN
I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 NO (Request Time out)
172.31.106.129 NO (Request Time out)
172.31.106.130 NO (Request Time out)
172.28.1.1 NO (Request Time out)
But if I connect the PC to the console I can ping
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 NO (Request Time out)
all my router model is 2801
R1.txt
R2.txt
VPN.bmp
I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 NO (Request Time out)
172.31.106.129 NO (Request Time out)
172.31.106.130 NO (Request Time out)
172.28.1.1 NO (Request Time out)
But if I connect the PC to the console I can ping
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 NO (Request Time out)
all my router model is 2801
R1.txt
R2.txt
VPN.bmp
ASKER
Dear equarando
" crypto " not in my router command ? Im using 2800 cisco router
" crypto " not in my router command ? Im using 2800 cisco router
You prolly are not running a version of the IOS that supports IPSEC VPN's
ASKER
Dear equarando
I add this Lines in R1
R1(config)#router bgp 65360
R1(config-router)#network 172.15.0.0 255.255.0.0
!
Then I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 NO (Request Time out)
I add this Lines in R1
R1(config)#router bgp 65360
R1(config-router)#network 172.15.0.0 255.255.0.0
!
Then I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 NO (Request Time out)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
now I add another line
R1(config)#router bgp 65360
R1(config-router)#red con
and the result is
Then I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 OK (Replay)
Mr. equarando
I will give you the point not for sol but for helping to me
R1(config)#router bgp 65360
R1(config-router)#red con
and the result is
Then I connect My PC to Router R1 throw interface F0/1
Then I ping all this IP
172.15.5.1 OK (Replay)
172.31.106.206 OK (Replay)
172.31.106.205 OK (Replay)
172.31.106.129 OK (Replay)
172.31.106.130 OK (Replay)
172.28.1.1 OK (Replay)
Mr. equarando
I will give you the point not for sol but for helping to me
I am going to list the steps to set one up. just repeat the process on the other router, just switching IP's
1.) R1(config)# crypto isakmp enable
2.) R1(config)# crypto isakmp policy 10
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# encryption aes 256
R1(config-isakmp)# hash sha
R1(config-isakmp)# group 5
R1(config-isakmp)# lifetime 3600
3.) R1(config)# crypto isakmp key PASSWORD address (IP of other router)
4.) R1(config)# crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac ah-sha-hmac
5.) R1(config)# access-list 101 permit ip (LOCAL LAN) (REMOTE LAN)
6.) R1(config)# crypto map NAME 10 ipsec-isakmp
7.) R1(config-crypto-map)# match address 101
8.) R1(config-crypto-map)# set peer (IP OF R2)
R1(config-crypto-map)# set pfs group5
R1(config-crypto-map)# set transform-set 50
9.)on the outside interface apply the crypto map
R1(config-if)# crypto map NAME