ITFireman

Configuring VPN on Cisco 1921/K9 routers

Is there a good guide for configuring site-to-site VPN using Cisco 1921 routers?  I am trying to connect my two fire houses via commercial broadband services and have had no success.

Additionally, there is a requirement for a few remote login sessions.  I intend to use Cisco's VPN client to do that.

Once that is configured, I need to configure the firewall to include web filtering.

IOS version is 15.0(1)M3.

I am comfortable with the CLI and the CCP GUI.

ASKER CERTIFIED SOLUTION
Istvan Kalmar
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Do you have fixed IPs at both ends?
Can you ping the one router from the other?
ITFireman

ASKER

@diepes.  Yes, I have fixed IPs at both ends and the routers can ping each other.
@ITFireman: I would suggest starting with a GRE tunnel.  No encryption, but easy to set up.

interface Tunnel0
 ! Use 1 on one side and 2 on the other
 ip address 10.0.0.1 255.255.255.0
 ! Own external interface
 tunnel source Ethernet0/0
 ! Other side's external IP
 tunnel destination 10.10.10.1
 tunnel key 123

@diepes Ok...  But I do require encryption since I am dealing with company and patient information.  Where do I go once I get beyond a GRE tunnel?

@ikalmar Thanks.
Hi,

Did you try it?
@ikalmar

Yes... I followed the setup in the first link you sent.  The link is up.  That is further than I was able to get before.  However, I am not able to ping anything on the opposite network.

Any suggestions?
@ITFireman

You can run a # debug icmp
on both sides to see if there is only one-way connectivity.

As to the GRE, once you have GRE you can wrap it in IPsec, but it seems as if you are close.
Maybe paste your current config.
Did not exactly address the problem.  But I was able to at least test my routers to verify I could connect.
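
One way to wrap the GRE tunnel posted above in IPsec, shown for one site as an added example that is not part of the original thread or any participant's configuration. The tunnel values are the ones posted in the thread; the pre-shared key placeholder, the profile and transform-set names, DH group 14 being available on the image, and 192.168.2.0/24 as the far site's LAN are assumptions.

```cisco
! Site A. Mirror on site B: swap the tunnel .1/.2 addresses, the peer
! address and the LAN route.
! Constructed values: <PRE-SHARED-KEY>, GRE-TS, GRE-PROT, 192.168.2.0/24.
!
! IKE phase 1 policy; both routers must carry a matching policy.
! Assumption: the image offers group 14; if not, use the strongest it offers.
crypto isakmp policy 10
 encryption aes 256
 hash sha
 authentication pre-share
 group 14
 lifetime 86400
!
! Pre-shared key bound to the other site's fixed external address
crypto isakmp key <PRE-SHARED-KEY> address 10.10.10.1
!
! Transport mode: GRE already supplies the outer IP header
crypto ipsec transform-set GRE-TS esp-aes 256 esp-sha-hmac
 mode transport
!
crypto ipsec profile GRE-PROT
 set transform-set GRE-TS
!
interface Tunnel0
 ip address 10.0.0.1 255.255.255.0
 tunnel source Ethernet0/0
 tunnel destination 10.10.10.1
 tunnel key 123
 ! Everything leaving this tunnel is now encrypted with the profile above
 tunnel protection ipsec profile GRE-PROT
!
! The tunnel coming up does not by itself route the far LAN.
! Send site B's LAN (constructed prefix) to the far tunnel address.
ip route 192.168.2.0 255.255.255.0 10.0.0.2
!
! Verification, from exec mode:
!   show crypto isakmp sa   (an SA to the peer should be listed)
!   show crypto ipsec sa    (encaps/decaps counters should rise under ping)
```

If an inbound access list is applied on the external interface, it has to permit UDP 500 and ESP from the peer address, otherwise the tunnel interface can show up while no protected traffic passes.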