[Openswan Users] GRE over IPSec - Cisco endpoint
tom at stocktons.org.uk
Tue Dec 22 05:54:26 EST 2009
On Sun, Dec 20, 2009 at 7:04 PM, Tom Stockton <tom at stocktons.org.uk> wrote:
I'm pretty stuck now so any other suggestions would be very welcome.
> I'll request the cisco config from the third party so that I can see
> exactly what's going on ....
Relevant IOS config from the Third Party, looks as I expected.
crypto isakmp policy 40
crypto isakmp key <password> address 192.168.4.240
crypto ipsec transform-set TransformSet_4 esp-3des esp-md5-hmac
description - L499 is used by ALL GRE-over-IPSec customers
ip address 192.168.186.1 255.255.255.255
ip access-list extended CUSTOMER_2VPN_Encrypt
permit gre host 192.168.186.1 host 192.168.4.240
crypto map combined_IPSec 41 ipsec-isakmp
description : IPSec setting for CUSTOMER
set peer 192.168.4.240
set transform-set TransformSet_4
set pfs group2
match address CUSTOMER_2VPN_Encrypt
description : GRE and IPSec to CUSTOMER
ip unnumbered Loopback499
ip access-group acl-permit-IPSec-cust-to-smsga out
tunnel source Loopback499
tunnel destination 192.168.4.240
crypto map combined_IPSec
ip route 192.168.4.243 255.255.255.255 Tunnel528
Any advice greatly appreciated.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users