It is currently Sun Oct 22, 2017 8:10 am


All times are UTC




Post new topic Reply to topic  [ 4 posts ] 
Author Message
 Post subject: Site to Site VPN configuration
PostPosted: Wed Apr 09, 2014 11:38 am 
Offline

Joined: Wed Apr 09, 2014 11:31 am
Posts: 1
Dear experts I want to test site to site VPN on GNS3 with Cisco 2600 Router, 2691, 3600, and 3700 and can't support ISAKMP support and need to update the software on its IOS and I am not able to such configuration on GNS3. Can any please advise what to do.

Thanks for the support in advance




Top
 Profile  
 
 Post subject: Re: Site to Site VPN configuration
PostPosted: Wed Apr 09, 2014 5:36 pm 
Offline

Joined: Sat Aug 17, 2013 7:59 pm
Posts: 123
Location: Upper Silesia, Poland
You have to add to GNS3 any image that supports crypto. Usually these images have "k9" somewhere in the name of image; most frequent phrases are: "advsecurityk9", "adventerprisek9", "advipservicesk9", "ik9s", "ik9os3", "jk9s", "jk9o3s", "telcoentk9".

_________________
If you can see any inaccuracies or other language-related mistakes in my post(s), please forgive me - English is not my native language


Top
 Profile  
 
 Post subject: Re: Site to Site VPN configuration
PostPosted: Thu Sep 04, 2014 2:27 am 
Offline

Joined: Sat Nov 09, 2013 1:52 pm
Posts: 23
Is there a bug on the GNS3? I am trying to create a site to site vpn on serial interfaces using k9 images of 7200's but I can't seem to ping and UP the interface that are supposed to be tunnelling.

Please guide me on what logs do I need to provide for you to see what is wrong?


Top
 Profile  
 
 Post subject: Re: Site to Site VPN configuration
PostPosted: Thu Sep 04, 2014 8:50 pm 
Offline

Joined: Sat Aug 17, 2013 7:59 pm
Posts: 123
Location: Upper Silesia, Poland
1. You DO NOT have to use k9 images just for creating tunnel interfaces - you can do it even on images that do not support crypto. It is called GRE tunnelling.
2. Crypto is required for IPSec, which is used to ecnrypt traffic between two routers - but of course usually IPSec policies are applied on Tunnel interfaces.

So what problem do you have? With GRE tunnelling or with encrypting traffic on tunnel interfaces (IPSesc/ISAKMP problems)?

Good example about creating pure GRE tunnel are at https://supportforums.cisco.com/documen ... gre-tunnel and for complete GRE tunnel encrypted by IPSec look at http://www.firewall.cx/cisco-technical- ... ipsec.html
Of course, there are tons of documentation at Cisco site covering both GRE and IPSec.



_________________
If you can see any inaccuracies or other language-related mistakes in my post(s), please forgive me - English is not my native language


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 4 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO