Technical information

ManualsBrandsCisco ManualsComputer equipmentWS-SVC-IPSEC-1= - IPSec VPN Services Module

IPSec VPN Acceleration Services Module Installation and Configuration Note

78-14459-03 Rev C0

Configuration Examples

flowcontrol send off

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,2,1002-1005

switchport mode trunk

cdp enable

interface Vlan2

ip address 192.168.1.254 255.255.255.0

no mop enabled

crypto map cm1

interface Vlan502

no ip address

crypto connect vlan 2

interface Tunnel1

ip address 10.1.1.254 255.255.255.0

tunnel source vlan1

tunnel destination 192.168.1.1

ip route 6.0.0.0 255.255.255.0 Tunnel1

ip access-list extended acl1

permit gre host 192.168.1.254 host 192.168.1.1

Catalyst Switch 2

The Catalyst switch 2 configuration is as follows:

crypto isakmp policy 100

encr 3des

authentication pre-share

crypto isakmp key 12345 address 192.168.1.0 255.255.255.0

crypto ipsec transform-set ts esp-3des esp-sha-hmac

crypto map cm1 100 ipsec-isakmp

set peer 192.168.1.254

set security-association level per-host

set security-association lifetime kilobytes 536870912

set security-association lifetime seconds 86400

set transform-set ts

match address acl1

interface GigabitEthernet1/1

no ip address

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,502,1002-1005

switchport mode trunk

interface GigabitEthernet1/2

ip address 6.0.0.254 255.255.255.0

interface GigabitEthernet5/1

no ip address

flowcontrol receive on

flowcontrol send off

switchport

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,2,1002-1005