Maphew
asked on
VPN cisco router
Please can anyone give me some direction over replacing a juniper router with a cisco 2901.
I am having issues with a cloud partner router and want to bypass this with a cisco.
I need some advise on how to set up ipsec tunnel to the provider and static routes to point there for hosts desktops. also will this affect NATing of protocols for my voice and data ?
the vpn detail are :
VPN Details
VPN Name
flexvpn
Hosted End-Point IP
109.8.32.99
On-premise End-Point IP Address
146.25.16.101
On-Premise Network
192.168.10.0
On-Premise Subnet Mask
255.255.254.0
Pre-Shared Key
f08fF*KT*ZlD
IKE Phase 1
Encryption
AES-256/AES-128/3DES
Hash
SHA-1
Authentication
Pre-Share Diffie-Hellman Group 2
Lifetime
86400s (1 day)
IKE Phase 2
Encryption
AES-256/AES-128/3DES
Hash
SHA-1
Lifetime
3600s (1 hour)
PFS
Optional
any help would be muchly appreciated. Thank you for your time
I am having issues with a cloud partner router and want to bypass this with a cisco.
I need some advise on how to set up ipsec tunnel to the provider and static routes to point there for hosts desktops. also will this affect NATing of protocols for my voice and data ?
the vpn detail are :
VPN Details
VPN Name
flexvpn
Hosted End-Point IP
109.8.32.99
On-premise End-Point IP Address
146.25.16.101
On-Premise Network
192.168.10.0
On-Premise Subnet Mask
255.255.254.0
Pre-Shared Key
f08fF*KT*ZlD
IKE Phase 1
Encryption
AES-256/AES-128/3DES
Hash
SHA-1
Authentication
Pre-Share Diffie-Hellman Group 2
Lifetime
86400s (1 day)
IKE Phase 2
Encryption
AES-256/AES-128/3DES
Hash
SHA-1
Lifetime
3600s (1 hour)
PFS
Optional
any help would be muchly appreciated. Thank you for your time
Well, that's all the info you need to configure the VPN, so you should be good. Are you looking for the exact commands to enter?
ASKER
Hello and thank you for repsonding
yes and also knowing where to create this .....
is it on the sub interface of the data vlan as its for users to connect to a hosted desktop provider and do not need the voice vlan to utilise this route etc
i hope i make sense , its just the leasedline supplier will not give us a wires only service and we are having issues with their router esp for voip.... sorry for going on
yes and also knowing where to create this .....
is it on the sub interface of the data vlan as its for users to connect to a hosted desktop provider and do not need the voice vlan to utilise this route etc
i hope i make sense , its just the leasedline supplier will not give us a wires only service and we are having issues with their router esp for voip.... sorry for going on
You apply the crypto map to the outside interface.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you very much for your time and support