Hi all , I am trying to simulate IPSEC VPN on GNS3R3 f1/0 - R1 f2/0 - R1 s1/0 -
R2 s1/0 - R2 f2/0 - R4 f1/0
Below is my configuration
R1crypto isakmp policy 1 encr aes 128 hash sha authentication pre-share group 2
lifetime 86400crypto isakmp key cisco address 192.1.12.2 no-xauth!!crypto ipsec
transform-set SET esp-aes esp-sha-hmac!crypto map MAP 1 ipsec-isakmp set peer
192.1.12.2 set transform-set SET match address 100
access-list 100 permit ip 192.168.13.0 0.0.0.255 10.1.24.0 0.0.0.255
int s1/0crypto map MAP
R2!crypto isakmp policy 1 encr aes 128 hash sha authentication pre-share group
2 lifetime 86400crypto isakmp key cisco address 192.1.12.1 no-xauth!!crypto
ipsec transform-set SET esp-aes esp-sha-hmac!crypto map MAP 1 ipsec-isakmp set
peer 192.1.12.1 set transform-set SET match address 101
access-list 101 permit ip 10.1.24.0 0.0.0.255 192.168.13.0 0.0.0.255
int s1/0crypto map MAP
I got the message *Sep 15 14:29:07.255: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
But nothing is working R3#ping 10.1.24.4Type escape sequence to abort.Sending
5, 100-byte ICMP Echos to 10.1.24.4, timeout is 2 seconds:.....Success rate is
0 percent (0/5)
R4#ping 192.168.13.3Type escape sequence to abort.Sending 5, 100-byte ICMP
Echos to 192.168.13.3, timeout is 2 seconds:.....Success rate is 0 percent (0/5)
R1#sh crypto isakmp sa IPv4 Crypto ISAKMP SAdst src
state conn-id status
IPv6 Crypto ISAKMP SA
R1#
R2#sh crypto isakmp sa IPv4 Crypto ISAKMP SAdst src
state conn-id status
IPv6 Crypto ISAKMP SA
R2#
What is missing ?
Thanks
_______________________________________________
cisco-nsp mailing list [email protected]
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
