[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 238
  • Last Modified:

configuration for cisco router to use VPN ?

I have only one problem; still I cannot use My VPN

I connect My PC to Router R1  throw interface F0/1
Then I ping all this IP
172.15.5.1                OK (Replay)
172.31.106.206       OK (Replay)
172.31.106.205       NO (Request Time out)
172.31.106.129      NO (Request Time out)
172.31.106.130      NO (Request Time out)
172.28.1.1            NO (Request Time out)

But if I connect the PC to the console I can ping

172.15.5.1                OK (Replay)
172.31.106.206       OK (Replay)
172.31.106.205       OK (Replay)
172.31.106.129      OK (Replay)
172.31.106.130      OK (Replay)
172.28.1.1            NO (Request Time out)


all my router model is 2801
R1.txt
R2.txt
VPN.bmp
0
AymanDasa
Asked:
AymanDasa
  • 3
  • 3
1 Solution
 
equarandoCommented:
I didnt see any VPN configuration on either of the Routers.

I am going to list the steps to set one up. just repeat the process on the other router, just switching IP's

1.) R1(config)# crypto isakmp enable

2.) R1(config)# crypto isakmp policy 10
R1(config-isakmp)# authentication pre-share
R1(config-isakmp)# encryption aes 256
R1(config-isakmp)# hash sha
R1(config-isakmp)# group 5
R1(config-isakmp)# lifetime 3600

3.) R1(config)# crypto isakmp key PASSWORD address (IP of other router)

4.) R1(config)# crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac ah-sha-hmac

5.) R1(config)# access-list 101 permit ip (LOCAL LAN) (REMOTE LAN)

6.) R1(config)# crypto map NAME 10 ipsec-isakmp

7.) R1(config-crypto-map)# match address 101

8.) R1(config-crypto-map)# set peer (IP OF R2)
R1(config-crypto-map)# set pfs group5
R1(config-crypto-map)# set transform-set 50

9.)on the outside interface apply the crypto map
   R1(config-if)# crypto map NAME
 
0
 
AymanDasaAuthor Commented:
Dear equarando
" crypto " not in my router command ? Im using 2800 cisco router
0
 
equarandoCommented:
You prolly are not running a version of the IOS that supports IPSEC VPN's
0
New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

 
AymanDasaAuthor Commented:
Dear equarando

I add this Lines in R1




R1(config)#router bgp 65360
R1(config-router)#network 172.15.0.0 255.255.0.0
!
Then I connect My PC to Router R1  throw interface F0/1
Then I ping all this IP
172.15.5.1              OK (Replay)
172.31.106.206      OK (Replay)
172.31.106.205      OK (Replay)
172.31.106.129      OK (Replay)
172.31.106.130      OK (Replay)
172.28.1.1              NO (Request Time out)


0
 
equarandoCommented:
Yes, but that has nothing to do with not being able to connect with a VPN
0
 
AymanDasaAuthor Commented:
now I add another line

R1(config)#router bgp 65360
R1(config-router)#red con

and the result is

Then I connect My PC to Router R1  throw interface F0/1
Then I ping all this IP
172.15.5.1              OK (Replay)
172.31.106.206      OK (Replay)
172.31.106.205      OK (Replay)
172.31.106.129      OK (Replay)
172.31.106.130      OK (Replay)
172.28.1.1              OK (Replay)

Mr. equarando
I will give you the point not for sol but for helping to me


0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now