Evolution
Guest
Posted: Fri Dec 16, 2005 2:23 am
Post subject: VPN to Three Sites, getting issues with one. Please audit co
Does anyone see anything wrong with this config?
access-list 100 permit ip 172.16.133.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list 100 permit ip 172.16.133.0 255.255.255.0 172.16.135.0 255.255.255.0
access-list 110 permit ip 172.16.133.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list 130 permit ip 172.16.133.0 255.255.255.0 172.16.135.0 255.255.255.0
access-list 140 permit ip host 24.43.199.10 10.1.0.0 255.255.0.0
access-list 140 permit ip host 24.43.199.10 host 192.168.200.10
access-list 140 permit ip host 24.43.199.10 10.10.10.0 255.255.255.0
sysopt connection permit-ipsec
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto map mymap 10 ipsec-isakmp
crypto map mymap 10 match address 140
crypto map mymap 10 set peer 64.115.172.99
crypto map mymap 10 set transform-set myset
crypto map mymap 20 ipsec-isakmp
crypto map mymap 20 match address 110
crypto map mymap 20 set peer 64.115.182.84
crypto map mymap 20 set transform-set myset
crypto map mymap 30 ipsec-isakmp
crypto map mymap 30 match address 130
crypto map mymap 30 set peer 66.40.19.2
crypto map mymap 30 set transform-set myset
crypto map mymap interface outside
isakmp enable outside
isakmp key ******** address 64.115.172.99 netmask 255.255.255.255
isakmp key ******** address 64.115.182.84 netmask 255.255.255.255
isakmp key ******** address 66.40.19.2 netmask 255.255.255.255
isakmp identity address
isakmp policy 10 authentication pre-share
isakmp policy 10 encryption 3des
isakmp policy 10 hash md5
isakmp policy 10 group 1
isakmp policy 10 lifetime 86400
I can establish tunnels to 20 and 30, but get ACL errors with 10...not
sure what the problem could be. Please audit this config. Thanks!
-rws
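
A first-pass structural check for a crypto map config like the one posted above, as an added example that is not part of the original post. The `audit` function and its finding strings are hypothetical; the sample is an excerpt of the posted config (map entries 10 and 20). It checks local cross-references and two weak IKE settings only, and does not compare the ACLs with what the remote peer has configured.

```python
from collections import defaultdict

# Excerpt of the config from the post (entries 10 and 20, wrapped lines rejoined).
SAMPLE = """\
access-list 110 permit ip 172.16.133.0 255.255.255.0 192.168.168.0 255.255.255.0
access-list 140 permit ip host 24.43.199.10 10.1.0.0 255.255.0.0
crypto ipsec transform-set myset esp-3des esp-md5-hmac
crypto map mymap 10 match address 140
crypto map mymap 10 set peer 64.115.172.99
crypto map mymap 10 set transform-set myset
crypto map mymap 20 match address 110
crypto map mymap 20 set peer 64.115.182.84
crypto map mymap 20 set transform-set myset
isakmp key ******** address 64.115.172.99 netmask 255.255.255.255
isakmp key ******** address 64.115.182.84 netmask 255.255.255.255
isakmp policy 10 hash md5
isakmp policy 10 group 1
"""

def audit(config):
    """Return findings (in discovery order) for a PIX-style crypto map config."""
    acls, tsets, keyed = set(), set(), set()
    entries = defaultdict(dict)  # (map name, seq) -> {"address"/"peer"/"transform-set": value}
    findings = []
    for line in config.splitlines():
        w = line.split()
        if w[:1] == ["access-list"] and len(w) > 1:
            acls.add(w[1])
        elif w[:3] == ["crypto", "ipsec", "transform-set"] and len(w) > 3:
            tsets.add(w[3])
        elif w[:2] == ["crypto", "map"] and len(w) == 7 and w[4] in ("match", "set"):
            entries[(w[2], int(w[3]))][w[5]] = w[6]
        elif w[:2] == ["isakmp", "key"] and "address" in w[:-1]:
            keyed.add(w[w.index("address") + 1])
        elif w[:2] == ["isakmp", "policy"] and w[3:] in (["hash", "md5"], ["group", "1"]):
            findings.append(f"isakmp policy {w[2]}: weak setting {' '.join(w[3:])}")
    # Every map entry needs an ACL, a peer with a pre-shared key, and a transform set.
    for (name, seq), e in sorted(entries.items()):
        tag = f"{name} {seq}"
        for field in ("address", "peer", "transform-set"):
            if field not in e:
                findings.append(f"{tag}: no {field} configured")
        if "address" in e and e["address"] not in acls:
            findings.append(f"{tag}: ACL {e['address']} is not defined")
        if "peer" in e and e["peer"] not in keyed:
            findings.append(f"{tag}: no isakmp key for peer {e['peer']}")
        if "transform-set" in e and e["transform-set"] not in tsets:
            findings.append(f"{tag}: transform-set {e['transform-set']} is not defined")
    return findings
```

On the excerpt, `audit(SAMPLE)` reports only the MD5 hash and Diffie-Hellman group 1 settings; every crypto map entry resolves to a defined ACL, keyed peer and transform set.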