Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Crypto session status down?

Status
Not open for further replies.
madess

madess

MIS
Apr 17, 2003
36
US
I have been trying to setup a vpn, and I can not figure out how to bring up the session. Here is one router config, I will do a reply with the second.


Current configuration : 4699 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname wl45bthq
!
boot-start-marker
boot system flash c2801-advsecurityk9-mz.123-8.T6.bin
boot-end-marker
!
logging buffered 52000 debugging

mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
!
ip ips po max-events 100
ip domain name yourdomain.com
no ftp-server write-enable
!
!
trunk group 2
!
!
!
!
!
track 123 rtr 1 reachability
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key 8LuD_*s8 address 192.168.7.2 no-xauth
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to192.168.7.2
set peer 192.168.7.2
set transform-set ESP-3DES-SHA
match address 100
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 10.51.33.6 255.255.224.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.7.1 255.255.255.248
duplex auto
speed auto
crypto map SDM_CMAP_1
!
ip classless
ip route 10.100.0.0 255.255.0.0 192.168.7.2 track 123
ip route 10.54.0.0 255.255.0.0 192.168.7.2 track 123
ip route 10.0.0.0 255.0.0.0 192.168.7.2 track 123
ip route 32.71.196.0 255.255.255.0 192.168.7.2 track 123
ip route 172.16.0.0 255.255.0.0 192.168.7.2 track 123
ip route 192.168.2.0 255.255.255.0 192.168.7.2 track 123
ip route 192.168.3.0 255.255.255.0 192.168.7.2 track 123
ip route 204.146.91.0 255.255.255.0 192.168.7.2 track 123
ip route 204.146.97.0 255.255.255.0 192.168.7.2 track 123
ip route 0.0.0.0 0.0.0.0 10.51.33.3
ip route 4.17.70.1 255.255.255.255 10.51.33.3
ip route 10.0.0.0 255.0.0.0 10.51.33.5 254
ip route 10.1.82.0 255.255.255.0 10.51.33.4
ip route 10.44.16.28 255.255.255.255 10.51.33.4
ip route 10.51.0.0 255.255.0.0 10.51.33.5 254
ip route 10.51.160.0 255.255.224.0 10.51.33.1
ip route 10.53.32.0 255.255.224.0 10.51.33.1
ip route 10.54.0.0 255.255.0.0 10.51.33.5 254
ip route 10.100.0.0 255.255.0.0 10.51.33.5 254
ip route 10.238.238.0 255.255.255.0 10.51.33.4
ip route 12.38.196.34 255.255.255.255 10.51.33.4
ip route 32.71.196.0 255.255.255.0 10.51.33.5 254
ip route 66.45.105.220 255.255.255.255 10.51.33.4
ip route 159.204.115.5 255.255.255.255 10.51.33.4
ip route 169.200.51.236 255.255.255.255 10.51.33.4
ip route 169.200.51.243 255.255.255.255 10.51.33.4
ip route 172.16.0.0 255.255.0.0 10.51.33.5 254
ip route 172.16.2.21 255.255.255.255 10.51.33.4
ip route 192.168.2.0 255.255.255.0 10.51.33.5 254
ip route 192.168.3.0 255.255.255.0 10.51.33.5 254
ip route 192.168.7.0 255.255.255.248 FastEthernet0/1
ip route 192.168.83.196 255.255.255.255 10.51.33.4
ip route 192.168.100.69 255.255.255.255 10.51.33.4
ip route 192.168.101.0 255.255.255.0 10.51.33.1
ip route 199.227.171.132 255.255.255.255 10.51.33.4
ip route 199.227.171.147 255.255.255.255 10.51.33.4
ip route 204.146.91.0 255.255.255.0 10.51.33.5 254
ip route 204.146.97.0 255.255.255.0 10.51.33.5 254
ip route 209.48.188.27 255.255.255.255 10.51.33.4
no ip http server
ip http authentication local
ip http secure-server
!
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip host 10.51.33.6 host 10.54.1.10
access-list 100 permit ip host 10.54.1.10 host 10.51.33.6
access-list 100 deny ip any any
snmp-server community 6#lub@U7 RO
snmp-server community bonton RO
snmp-server community roscoe RW
snmp-server enable traps tty
!
!
control-plane
!
rtr 1
type echo protocol ipIcmpEcho 192.168.7.2
rtr schedule 1 life forever start-time nowline con 0
exec-timeout 0 0
login local
line aux 0
line vty 0 4
password 7 044904150C2E49
login
transport input telnet ssh
line vty 5 15
password 7 061400324F410C
login
transport input telnet ssh
!
end
 
Sort by date Sort by votes
Building configuration...

Current configuration : 5084 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname wl45btdc
!
boot-start-marker
boot system flash c2801-advsecurityk9-mz.123-8.T6.bin
boot-end-marker
!
logging buffered 52000 debugging
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
no aaa new-model
ip subnet-zero
ip cef
!
!
!
!
ip ips po max-events 100
no ip domain lookup
ip domain name bonton.com
no ftp-server write-enable
!
!
!
!
!
track 123 rtr 1 reachability
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
crypto isakmp key 8LuD_*s8 address 192.168.7.1 no-xauth
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto map SDM_CMAP_1 1 ipsec-isakmp
description Tunnel to192.168.7.1
set peer 192.168.7.1
set transform-set ESP-3DES-SHA
match address 100
!
!
!
interface FastEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-FE 0$
ip address 10.54.1.10 255.255.224.0
duplex auto
speed auto
!
interface FastEthernet0/1
ip address 192.168.7.2 255.255.255.248
duplex auto
speed auto
crypto map SDM_CMAP_1
!
ip classless
ip route 10.51.32.0 255.255.224.0 192.168.7.1 track 123
ip route 10.1.82.0 255.255.255.0 192.168.7.1 track 123
ip route 10.44.16.28 255.255.255.255 192.168.7.1 track 123
ip route 10.51.160.0 255.255.224.0 192.168.7.1 track 123
ip route 10.53.32.0 255.255.224.0 192.168.7.1 track 123
ip route 10.238.238.0 255.255.255.0 192.168.7.1 track 123
ip route 66.45.105.220 255.255.255.255 192.168.7.1 track 123
ip route 159.204.115.5 255.255.255.255 192.168.7.1 track 123
ip route 169.200.51.236 255.255.255.255 192.168.7.1 track 123
ip route 169.200.51.243 255.255.255.255 192.168.7.1 track 123
ip route 172.16.2.21 255.255.255.255 192.168.7.1 track 123
ip route 192.168.83.196 255.255.255.255 192.168.7.1 track 123
ip route 192.168.100.69 255.255.255.255 192.168.7.1 track 123
ip route 192.168.101.0 255.255.255.0 192.168.7.1 track 123
ip route 199.227.171.132 255.255.255.255 192.168.7.1 track 123
ip route 199.227.171.147 255.255.255.255 192.168.7.1 track 123
ip route 209.48.188.27 255.255.255.255 192.168.7.1 track 123
ip route 12.38.196.34 255.255.255.255 192.168.7.1 track 123
ip route 0.0.0.0 0.0.0.0 10.54.1.3
ip route 10.0.0.0 255.0.0.0 10.54.1.5
ip route 10.1.82.0 255.255.255.0 10.54.1.8 254
ip route 10.44.16.28 255.255.255.255 10.54.1.8 254
ip route 10.51.32.0 255.255.224.0 10.54.1.8 254
ip route 10.51.160.0 255.255.224.0 10.54.1.8 254
ip route 10.53.32.0 255.255.224.0 10.54.1.8 254
ip route 10.100.0.0 255.255.0.0 10.54.1.6
ip route 10.238.238.0 255.255.255.0 10.54.1.8 254
ip route 12.38.196.34 255.255.255.255 10.54.1.8 254
ip route 66.45.105.220 255.255.255.255 10.54.1.8 254
ip route 159.204.115.5 255.255.255.255 10.54.1.8 254
ip route 169.200.51.236 255.255.255.255 10.54.1.8 254
ip route 169.200.51.243 255.255.255.255 10.54.1.8 254
ip route 172.16.0.0 255.255.0.0 10.54.1.5
ip route 172.16.2.21 255.255.255.255 10.54.1.8 254
ip route 192.168.2.0 255.255.255.0 10.54.1.6
ip route 192.168.3.0 255.255.255.0 10.54.1.6
ip route 192.168.7.0 255.255.255.248 FastEthernet0/1
ip route 192.168.83.196 255.255.255.255 10.54.1.8 254
ip route 192.168.100.69 255.255.255.255 10.54.1.8 254
ip route 192.168.101.0 255.255.255.0 10.54.1.8 254
ip route 199.227.171.132 255.255.255.255 10.54.1.8 254
ip route 199.227.171.147 255.255.255.255 10.54.1.8 254
ip route 204.146.91.0 255.255.255.0 10.54.1.6
ip route 204.146.97.0 255.255.255.0 10.54.1.6
ip route 209.48.188.27 255.255.255.255 10.54.1.8 254
no ip http server
ip http authentication local
ip http secure-server
!
!
access-list 100 remark SDM_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip host 10.51.33.6 host 10.54.1.10
access-list 100 permit ip host 10.54.1.10 host 10.51.33.6
access-list 100 deny ip any any
snmp-server community bonton RO
snmp-server community roscoe RW
snmp-server enable traps tty
!
!
control-plane
!
rtr 1
type echo protocol ipIcmpEcho 192.168.7.1
rtr schedule 1 life forever start-time now

line con 0
line aux 0
line vty 0 4
password 7 105C060A061817
login
transport input telnet ssh
line vty 5 15
password 7 01010917580403
login
transport input telnet ssh
!
end
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pshook
  • Locked
  • Question
Cisco PRI status
Replies
0
Views
152
pshook
pshook
darthvader167
  • Locked
  • Question
Download Cisco Hold Music
Replies
0
Views
498
darthvader167
darthvader167
moose4me
  • Locked
  • Question
Session Border Controller
Replies
1
Views
200
madwok
madwok
DrB0b
  • Locked
  • Question
Moving LAG from one switch to another, hopefully w/o downtime 1
Replies
2
Views
302
DrB0b
DrB0b
Punk6296
  • Locked
  • Question
slow WAN download speeds over UC540
Replies
0
Views
261
Punk6296
Punk6296

Part and Inventory Search

Sponsor

Back
Top