I appended the configs below.
> Why don't you post your configs for the group
>
> Dennis Rogell
> Email : [EMAIL PROTECTED]
> Phone: (954) 846-5128
>
> > -----Original Message-----
> > From: Dincer onel [SMTP:[EMAIL PROTECTED]]
> > Sent: Wednesday, April 25, 2001 05:42
> > To: [EMAIL PROTECTED]
> > Subject: IPSec Manual Keying [7:1850]
> >
> > I configured my routers as described on the cisco's webpage
> > (http://www.cisco.com/warp/public/707/manual.html) to make my two
> > routers communicating IPSEC. I saw the same config when I wrote
"sh
> > run..." on the two routers but I could not succeed in seeing the
ESP
> > packets in between while one end host pinging otherside, rather I
saw
> > normal ping packets. So I wonder do I miss some point in
> > configuration? What else should I do more to establish a "working"
> > IPSEC connection between two routers?
> > Thanks a lot for your help
> > FAQ, list archives, and subscription info:
> > http://www.groupstudy.com/list/cisco.html
> > Report misconduct and Nondisclosure violations to
[EMAIL PROTECTED]
>
========= Configs of my routers ===============
---------Router1 Configuration ---------------
Router1#show run
Building configuration...
Current configuration:
!
version 12.0(7)
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router1
!
enable secret 5 $1$e.E8$tUKJCgLOtJbkO4Trhe1Is/
enable password ww
!
ip subnet-zero
!
no crypto isakmp enable
!
crypto ipsec transform-set encrypt-des esp-des
!
crypto map testcase 8 ipsec-manual
set peer 11.11.11.12
set security-association inbound esp 1000 cipher abcd1234abcd1234
authenticator 01
set security-association outbound esp 1001 cipher 1234abcd1234abcd
authenticator 01
set transform-set encrypt-des
match address 100
!
process-max-time 200
!
interface Ethernet0
ip address 11.11.11.11 255.255.255.0
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
crypto map testcase
!
interface FastEthernet1
ip address 12.12.12.12 255.255.255.0
no ip directed-broadcast
!
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
ip nat translation timeout never
ip nat translation tcp-timeout never
ip nat translation udp-timeout never
ip nat translation finrst-timeout never
ip nat translation syn-timeout never
ip nat translation dns-timeout never
ip nat translation icmp-timeout never
ip classless
ip route 0.0.0.0 0.0.0.0 10.31.1.1
ip route 0.0.0.0 0.0.0.0 11.11.11.12
no ip http server
!
access-list 100 permit ip host 12.12.12.12 host 14.14.14.14
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
tftp-server flash:c2600-is56i-l.120-5.T
!
line con 0
transport input none
line aux 0
line vty 0 4
password ww
login
!
end
---------Router2 Configuration ---------------
Router2#show run
Building configuration...
Current configuration:
!
version 12.0(7)
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Router2
!
enable secret 5 $1$RP6J$ZgRGLaWnbGAfg5jSvp/8u/
enable password ww
!
ip subnet-zero
!
no crypto isakmp enable
!
crypto ipsec transform-set encrypt-des esp-des
!
crypto map testcase 8 ipsec-manual
set peer 11.11.11.11
set security-association inbound esp 1001 cipher 1234abcd1234abcd
authenticator 01
set security-association outbound esp 1000 cipher abcd1234abcd1234
authenticator 01
set transform-set encrypt-des
match address 100
!
process-max-time 200
!
interface Ethernet0
ip address 11.11.11.12 255.255.255.0
no ip directed-broadcast
no ip route-cache
no ip mroute-cache
crypto map testcase
!
interface FastEthernet1
ip address 14.14.14.14 255.255.255.0
no ip directed-broadcast
!
interface Serial0
no ip address
no ip directed-broadcast
no ip mroute-cache
shutdown
!
interface Serial1
no ip address
no ip directed-broadcast
shutdown
!
ip nat translation timeout never
ip nat translation tcp-timeout never
ip nat translation udp-timeout never
ip nat translation finrst-timeout never
ip nat translation syn-timeout never
ip nat translation dns-timeout never
ip nat translation icmp-timeout never
ip classless
ip route 0.0.0.0 0.0.0.0 11.11.11.11
no ip http server
!
access-list 100 permit ip host 14.14.14.14 host 12.12.12.12
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
tftp-server flash:c2600-is56i-l.120-5.T
!
line con 0
transport input none
line aux 0
line vty 0 4
password ww
login
!
end
========= Configs of my routers (end) ===============
Dinger VNEL
T\BiTAK-UEKAE
GEBZE KOCAELi TURKEY
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=1947&t=1850
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
- IPSec Manual Keying [7:1850] Dincer onel
- Din�er �nel
