Configuring VPN Site To Site IPsec - PKT

This document discusses configuring a VPN between two networks using IPsec. It describes configuring interfaces and static routes on routers to connect the networks through an ISP router. Access lists and crypto maps are then configured using pre-shared keys to establish IPsec tunnels and allow encrypted communication between the networks. The configuration is tested by pinging hosts on each network to validate connectivity over the VPN.

Uploaded by

Luis Harima

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

58 views

Configuring VPN Site To Site IPsec - PKT

Uploaded by

Luis Harima

Available Formats

Download as DOCX, PDF, TXT or read online on Scribd

You are on page 1/ 5

VPN: stands for Virtual Private Network which is a term used to

describe a digital network within another physical computer network,

VPNs are used to allow individuals access to protected information
stored on a private network by connecting to that network using a
public network.
IPsec is an internet protocol security, and it is a set of protocols that
provides security for internet protocol, it can use cryptography to
provide security, IPsec can be used for the setting up of virtual private
networks VPNs in a secure manner, also known as IP Security.
Configuring the interfaces on the network devices.
On Router1
# int s0/0/0
# ip address 10.1.1.1 255.255.255.252
# no shut
# int g0/0
# ip address 192.168.1.1 255.255.255.0
# no shut
On ISP router:
# int s0/0/1
# ip address 10.1.1.2 255.255.255.252
# no shut
# int s0/0/0
# ip address 15.1.1.2 255.255.255.252
# no shut
On Router3
# int s0/0/1
# ip address 15.1.1.1 255.255.255.252
# no shut
# int g0/0
# ip address 172.16.1.1 255.255.255.0
# no shut
Now we will configure static route on Router1 and Router3 and default
route on the IPS router.
On Router1
# ip route 0.0.0.0 0.0.0.0 10.1.1.2
On Router3
# ip route 0.0.0.0 0.0.0.0 15.1.1.2
On the ISP router:
# ip route 172.16.1.0 255.255.255.0 15.1.1.1
# ip route 192.168.1.0 255.255.255.0 10.1.1.1
Let us run some pings between the two sites.
On PC-1
# ping 192.168.1.5
On PC-A
# ping 172.16.1.5
If the pings are not successful, troubleshoot the issue and make sure
the PCs can ping each other.
Create access-list on Router1
# access-list 100 permit ip 192.168.1.0 0.0.0.255 172.16.1.0 0.0.0.255
Now, I will configure ISAKMP policy on Router1
On Router1:
# cryptop isakmp policy 10
# authentication pre-share
# encryption aes 256
# hash sha
# lifetime 3600
# group 5
Encrypt the key
On Router1
# crypto isakmp key cisco address 15.1.1.1
 IPsec transform set
On Router1
# crypto ipsec transform-set VPN-SET esp-aes 256 esp-sha-hmac
 Now creating the crypto map
# crypto map VPN-MAP 10 ipsec-isakmp
# set peer 15.1.1.1.
# set transform-set VPN-SET
# match address 100
# exit
 Applying the crypto map to the outgoing interface of Router1
# int s0/0/0
# crypto map VPN-MAP
On Router3
# cryptop isakmp policy 10
# authentication pre-share
# encryption aes 256
# group 5
# hash sha
# lifetime 3600
# exit
# crypto key cisco address 10.1.1.1
 IPsec transform set
# crypto ipsec transform-set VPN-SET esp-aes 256 esp-sha-hamc
 Creating the access list
# access-list 100 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255
 Creating the crypto map
# crypto map VPN-MAP 10 ipsec-isakmp
# set peer 10.1.1.1
# set transform-set VPN-SET
# match address 100
# exit
 Apply the crypto map to the outgoing interface of Router3
# int s0/0/1
# crypto map VPN-MAP

Now , ping from PC-A to PC-1 and from PC-1 to PC-A

Run these show commands on Router1 and Router3
# show crypto isakmp sa
# show crypto ipsec sa
# show crypto isakmp policy
# show crypto map

CompTIA+Network++ (N10 009) +Study+Guide
100% (12)
CompTIA+Network++ (N10 009) +Study+Guide
477 pages
Mobile Phone Unlock Codes
71% (14)
Mobile Phone Unlock Codes
8 pages
Mobile Secret Hack Codes
77% (78)
Mobile Secret Hack Codes
22 pages
Baofeng Bible Complete Book - Vdigital
100% (4)
Baofeng Bible Complete Book - Vdigital
137 pages
Comptia
100% (7)
Comptia
1,791 pages
A Discovery of Witches Deborah E. Harkness
84% (64)
A Discovery of Witches Deborah E. Harkness
283 pages
The Hacker Playbook 1 - Practical Guide To Penetration Testing
91% (11)
The Hacker Playbook 1 - Practical Guide To Penetration Testing
308 pages
The Baofeng Radio Bible (10 IN 1) The Definitive Guerrilla's Handbook To Master Your Baofeng Radio To Be Prepared For Any... (Cooper Hartman) (Z-Library)
100% (2)
The Baofeng Radio Bible (10 IN 1) The Definitive Guerrilla's Handbook To Master Your Baofeng Radio To Be Prepared For Any... (Cooper Hartman) (Z-Library)
200 pages
Deviant Devoted Companion Final Download
100% (3)
Deviant Devoted Companion Final Download
44 pages
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
7.1.2.4 Packet Tracer - Configuring VPNs (Optional) Instructions
No ratings yet
7.1.2.4 Packet Tracer - Configuring VPNs (Optional) Instructions
6 pages
Honda Accord 2008-2010 Oem
100% (4)
Honda Accord 2008-2010 Oem
2,950 pages
Mobile Tricks Hacking Mobile Networks
100% (2)
Mobile Tricks Hacking Mobile Networks
3 pages
COMPTIA Security Plus Master Cheat Sheet
No ratings yet
COMPTIA Security Plus Master Cheat Sheet
33 pages
8.7.1.4 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI - Instructor
No ratings yet
8.7.1.4 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI - Instructor
5 pages
8.4.1.2 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI
No ratings yet
8.4.1.2 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI
5 pages
ISP Lab Tutorial - GNS3
0% (1)
ISP Lab Tutorial - GNS3
19 pages
Universal Codes For Cell Phones and Advanced Tricks
80% (5)
Universal Codes For Cell Phones and Advanced Tricks
30 pages
American Survival Guide, Prepper Survival Field Manual - Spring 2017
100% (12)
American Survival Guide, Prepper Survival Field Manual - Spring 2017
132 pages
Star Codes
100% (1)
Star Codes
31 pages
Configuring Site To Site Ipsec VPN Tunnel Between Cisco Routers
No ratings yet
Configuring Site To Site Ipsec VPN Tunnel Between Cisco Routers
6 pages
Ipsec VPN Requirements: Configure Isakmp (Ike) - (Isakmp Phase 1)
No ratings yet
Ipsec VPN Requirements: Configure Isakmp (Ike) - (Isakmp Phase 1)
4 pages
Configure and Verify A Site To Site IPsec VPN Using CLI
No ratings yet
Configure and Verify A Site To Site IPsec VPN Using CLI
4 pages
Week 5 Optional Assignment
No ratings yet
Week 5 Optional Assignment
16 pages
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
No ratings yet
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
7 pages
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
No ratings yet
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
4 pages
Lab - En Security Chp8 PTActA Site-To-Site-IPsec-VPN Student- 2024
No ratings yet
Lab - En Security Chp8 PTActA Site-To-Site-IPsec-VPN Student- 2024
4 pages
Convert Serial To IPsec VPN
0% (1)
Convert Serial To IPsec VPN
6 pages
Technical Report
No ratings yet
Technical Report
19 pages
Configure and Verify A Site-To-Site IPsec VPN Using CLI
No ratings yet
Configure and Verify A Site-To-Site IPsec VPN Using CLI
6 pages
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
No ratings yet
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
6 pages
91-IPSec Protocol ESP AH
No ratings yet
91-IPSec Protocol ESP AH
13 pages
IPsec Site To Site LAB
No ratings yet
IPsec Site To Site LAB
50 pages
Configuring Cisco Site To Site Ipsec VPN With Dynamic Ip Endpoint Cisco Routers
No ratings yet
Configuring Cisco Site To Site Ipsec VPN With Dynamic Ip Endpoint Cisco Routers
8 pages
Ipsec Configuration
No ratings yet
Ipsec Configuration
12 pages
IPSec VPN LAB
100% (2)
IPSec VPN LAB
7 pages
Configuration of Site To Site IPSec VPN Using CLI (Answers)
No ratings yet
Configuration of Site To Site IPSec VPN Using CLI (Answers)
5 pages
IPsec VPN
No ratings yet
IPsec VPN
5 pages
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
No ratings yet
Configuring Site To Site IPSec VPN Tunnel Between Cisco Routers
5 pages
Site To Site IPSEC VPN Troubleshooting - Imp
No ratings yet
Site To Site IPSEC VPN Troubleshooting - Imp
8 pages
Network Security Lab 2
No ratings yet
Network Security Lab 2
16 pages
4.1 4-S2S-IPSecVPN-Tunnel-Router
No ratings yet
4.1 4-S2S-IPSecVPN-Tunnel-Router
6 pages
19.5.5 Packet Tracer - Configure and Verify a Site-to-Site IPsec VPN
No ratings yet
19.5.5 Packet Tracer - Configure and Verify a Site-to-Site IPsec VPN
5 pages
20.2.1 Packet Tracer - Configure and Verify A Site-to-Site IPsec VPN Using CLI - ILM
No ratings yet
20.2.1 Packet Tracer - Configure and Verify A Site-to-Site IPsec VPN Using CLI - ILM
6 pages
16.2.2 Packet Tracer - Configure and Verify A Site-to-Site IPsec VPN Using CLI - ITExamAnswers
No ratings yet
16.2.2 Packet Tracer - Configure and Verify A Site-to-Site IPsec VPN Using CLI - ITExamAnswers
6 pages
Configure Simple IPSEC Site To Site VPN in Cisco Routers Using GNS3
100% (1)
Configure Simple IPSEC Site To Site VPN in Cisco Routers Using GNS3
7 pages
Part 1: Configure Ipsec Parameters On R1: Version Command
No ratings yet
Part 1: Configure Ipsec Parameters On R1: Version Command
3 pages
19.5.5 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN - ITExamAnswers
No ratings yet
19.5.5 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN - ITExamAnswers
5 pages
# Enable # Conf T # Hostname Router1 # Int G0/0 # Ip Address 8.8.8.1 255.0.0.0
No ratings yet
# Enable # Conf T # Hostname Router1 # Int G0/0 # Ip Address 8.8.8.1 255.0.0.0
18 pages
Configuring Easy VPN With The IOS CLI: Learning Objectives
No ratings yet
Configuring Easy VPN With The IOS CLI: Learning Objectives
26 pages
VPN Site2site
No ratings yet
VPN Site2site
12 pages
Cisco IPSec VPN Configuration - IPSec For VPN
No ratings yet
Cisco IPSec VPN Configuration - IPSec For VPN
19 pages
Router Vpnclient Pi Stick
No ratings yet
Router Vpnclient Pi Stick
10 pages
VPN Site2site
No ratings yet
VPN Site2site
14 pages
Configuring Site-To-Site IPsec VPNs With The IOS CLI
No ratings yet
Configuring Site-To-Site IPsec VPNs With The IOS CLI
3 pages
Configure and Verify a Site-to-Site IPsec VPN Using CLI (1)
No ratings yet
Configure and Verify a Site-to-Site IPsec VPN Using CLI (1)
7 pages
Lab VPN
No ratings yet
Lab VPN
9 pages
Cns 11 Exp Vinesh
No ratings yet
Cns 11 Exp Vinesh
6 pages
16.2.2 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI
No ratings yet
16.2.2 Packet Tracer - Configure and Verify A Site-To-Site IPsec VPN Using CLI
5 pages
Router 1: Router 3:: ! (Basic Configuration For Connection To Internet) ! (Basic Configuration For Connection To Internet)
No ratings yet
Router 1: Router 3:: ! (Basic Configuration For Connection To Internet) ! (Basic Configuration For Connection To Internet)
6 pages
Client to Site - Configure Remote Access Using Cisco Easy VPN
No ratings yet
Client to Site - Configure Remote Access Using Cisco Easy VPN
7 pages
7.2 6. GET VPN
No ratings yet
7.2 6. GET VPN
11 pages
8 4 1 3 Lab Configure Site To Site VPN Using CLI Instructor
No ratings yet
8 4 1 3 Lab Configure Site To Site VPN Using CLI Instructor
15 pages
Unit 4 - VPN and IPsec Concepts
No ratings yet
Unit 4 - VPN and IPsec Concepts
6 pages
Yasser Auda CCIEv5 Workbook
No ratings yet
Yasser Auda CCIEv5 Workbook
26 pages
Lab 10: Vpns - Ipsec Remote Access VPN: 10.1 Details
No ratings yet
Lab 10: Vpns - Ipsec Remote Access VPN: 10.1 Details
24 pages
Practical 8
No ratings yet
Practical 8
8 pages
Ipsec VPN Application Guide
No ratings yet
Ipsec VPN Application Guide
19 pages
IPsec VPN
No ratings yet
IPsec VPN
20 pages
Lab 3 INWK 6119 IPSec CSR Pod Lab April2022
No ratings yet
Lab 3 INWK 6119 IPSec CSR Pod Lab April2022
14 pages
Lab 6.2.12a Configure Remote Access Using Cisco Easy VPN: Objective
No ratings yet
Lab 6.2.12a Configure Remote Access Using Cisco Easy VPN: Objective
11 pages
Site To Site VPN With Dynamic Crypto Map
No ratings yet
Site To Site VPN With Dynamic Crypto Map
7 pages
Mikrotik To Cisco ASA IPsec VPN
No ratings yet
Mikrotik To Cisco ASA IPsec VPN
83 pages
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
Compra Switches
No ratings yet
Compra Switches
1 page
Logs 07092020-CORE-NEXUS
No ratings yet
Logs 07092020-CORE-NEXUS
49 pages
Ieee Gig TM PDF
No ratings yet
Ieee Gig TM PDF
158 pages
FR Switch
No ratings yet
FR Switch
2 pages
Ham Radio For The New Ham What To Do The Minute You Get Your Amateur Radio License - Stan Merrill
50% (2)
Ham Radio For The New Ham What To Do The Minute You Get Your Amateur Radio License - Stan Merrill
137 pages
ARRL Extra Class License Study Guied
75% (4)
ARRL Extra Class License Study Guied
500 pages
NSO-184 Notes
No ratings yet
NSO-184 Notes
17 pages
04-Datalink, Diagnostic CAN
100% (4)
04-Datalink, Diagnostic CAN
17 pages
Samsung Codes
100% (2)
Samsung Codes
3 pages
Popular Electronics 1961-02
100% (2)
Popular Electronics 1961-02
136 pages
F 150 Wiring Harness
No ratings yet
F 150 Wiring Harness
8 pages
Levels in Digital Audio
No ratings yet
Levels in Digital Audio
8 pages
Ham Radio An Easy Guide For Beginners - Steve Markelo
100% (4)
Ham Radio An Easy Guide For Beginners - Steve Markelo
10 pages
S and S Emissionssensorscatalog 2021
No ratings yet
S and S Emissionssensorscatalog 2021
20 pages
Metro Settings
100% (1)
Metro Settings
8 pages
CompTIA Network+ v1.0 (N10-008) - Full Access
100% (1)
CompTIA Network+ v1.0 (N10-008) - Full Access
34 pages
Practical Guide To Radio-Frequency Analysis and Design
No ratings yet
Practical Guide To Radio-Frequency Analysis and Design
49 pages
Stealth Amateur Radio
No ratings yet
Stealth Amateur Radio
7 pages
Wireless Hacking
100% (2)
Wireless Hacking
19 pages
Assignment On Construction Quality Management
0% (1)
Assignment On Construction Quality Management
8 pages
English Essay Topics
No ratings yet
English Essay Topics
3 pages
Critical Analysis
No ratings yet
Critical Analysis
9 pages
Kerala State Electricity Board Limited: 7/408 Edacheriyan
No ratings yet
Kerala State Electricity Board Limited: 7/408 Edacheriyan
3 pages
Business Guide Book
100% (5)
Business Guide Book
27 pages
Ultrasim® 3D Lattice Design: Offering
No ratings yet
Ultrasim® 3D Lattice Design: Offering
16 pages
Cec Assignment 2 Scope of Work
No ratings yet
Cec Assignment 2 Scope of Work
5 pages
Eng 10 Work 1
No ratings yet
Eng 10 Work 1
7 pages
EG Lab Manual_Full
No ratings yet
EG Lab Manual_Full
37 pages
SW978K Parts Book
No ratings yet
SW978K Parts Book
241 pages
OL L K: Indian Institute of Technology Kharagpur
No ratings yet
OL L K: Indian Institute of Technology Kharagpur
2 pages
Unit 3 Study of Sounds-Phonetics
No ratings yet
Unit 3 Study of Sounds-Phonetics
7 pages
The Chamber Students
100% (1)
The Chamber Students
3 pages
Wefbwefuohwef Iiwef Iiwejfbouhwejfohwefnowe Fwef
No ratings yet
Wefbwefuohwef Iiwef Iiwejfbouhwejfohwefnowe Fwef
13 pages
US Data Pansim Tech Automotive Companies
No ratings yet
US Data Pansim Tech Automotive Companies
6 pages
Northern Lights 6.1
No ratings yet
Northern Lights 6.1
200 pages
Republic V Mendoza
No ratings yet
Republic V Mendoza
2 pages
Chem For Engineering Material by Pup Buddies
No ratings yet
Chem For Engineering Material by Pup Buddies
46 pages
Question Bank
No ratings yet
Question Bank
5 pages
Improving Students Speaking Ability T
No ratings yet
Improving Students Speaking Ability T
545 pages
Suspension: Course Name: Pharmaceutical Technology-I Course Code: PHRM 3125
No ratings yet
Suspension: Course Name: Pharmaceutical Technology-I Course Code: PHRM 3125
45 pages
Spellings
No ratings yet
Spellings
15 pages
Samsung Un55d6000sf Use and Care Manual PDF
No ratings yet
Samsung Un55d6000sf Use and Care Manual PDF
25 pages
ADM940 - EN - Part-3
No ratings yet
ADM940 - EN - Part-3
10 pages
I. Objectives: Grade Level Quarter / Domain Week & Day No. Page No
No ratings yet
I. Objectives: Grade Level Quarter / Domain Week & Day No. Page No
11 pages
Man As Worker
100% (1)
Man As Worker
12 pages

Configuring VPN Site To Site IPsec - PKT

Uploaded by

Configuring VPN Site To Site IPsec - PKT

Uploaded by

VPN: stands for Virtual Private Network which is a term used to

describe a digital network within another physical computer network,

Now , ping from PC-A to PC-1 and from PC-1 to PC-A

You might also like