[Openswan Users] GRE over IPSec - Cisco endpoint
Tom Stockton
tom at stocktons.org.uk
Tue Dec 22 05:54:26 EST 2009
On Sun, Dec 20, 2009 at 7:04 PM, Tom Stockton <tom at stocktons.org.uk> wrote:
I'm pretty stuck now so any other suggestions would be very welcome.
> I'll request the cisco config from the third party so that I can see
> exactly what's going on ....
>
Relevant IOS config from the Third Party, looks as I expected.
crypto isakmp policy 40
encr 3des
hash md5
authentication pre-share
crypto isakmp key <password> address 192.168.4.240
crypto ipsec transform-set TransformSet_4 esp-3des esp-md5-hmac
interface Loopback499
description - L499 is used by ALL GRE-over-IPSec customers
ip address 192.168.186.1 255.255.255.255
ip access-list extended CUSTOMER_2VPN_Encrypt
permit gre host 192.168.186.1 host 192.168.4.240
crypto map combined_IPSec 41 ipsec-isakmp
description : IPSec setting for CUSTOMER
set peer 192.168.4.240
set transform-set TransformSet_4
set pfs group2
match address CUSTOMER_2VPN_Encrypt
interface Tunnel528
description : GRE and IPSec to CUSTOMER
ip unnumbered Loopback499
ip access-group acl-permit-IPSec-cust-to-smsga out
tunnel source Loopback499
tunnel destination 192.168.4.240
crypto map combined_IPSec
ip route 192.168.4.243 255.255.255.255 Tunnel528
Any advice greatly appreciated.
Thanks
Tom
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20091222/119b843d/attachment.html
More information about the Users
mailing list