1/28/2016

ShowIPProtocols:SitetositeIPSecVPNConfigurationExample(ptipsec.pkt),usingPacketTracerVersion5.2
2

Meer Volgendeblog

renzo.caldato@gmail.com

Show IP Protocols
BuildDreamInternet
Home

Best Use

Subscribe by Email

CCNA Exploration 4.0

SearchinShowIPProtocols

Search

AboutLiJiHong

LiJiHong
AdChoices

CiscoLab CiscoASA CiscoIOS IPSecVPN

Follow

274

CCIE#8299,CCSI#30641,
andIbuildDreamInternet.

Tuesday,May12,2015

SitetositeIPSecVPNConfigurationExample(ptipsec.pkt),using
PacketTracerVersion5.2
+2 Recommend this on Google
RelatedPosts:IPSec,Security

Ibelievelearningitselfiseverybody'sfavorite
habit.Mymissionistocleargapsandbarriers
it,asmuchasIcan!

Subscribeto"ShowIPProtocols"

renzo.caldato@gmail.com Submit

HowTo?

FeaturedPost

SimplevisualtooltocalculateCisc
IOSWildcardMask

Icreatethistoolforyoutoeasilycalculate
equivalentWildcardMaskforanygivenIPv4
addressandsubnetmask.Youcanmakeuse

PacketTracerVersion5.2SitetositeIPSecVPNConfigurationExample(ptipsec.pkt)

Summaryofconfigurationstepsisinbelow.
1.DefineTransformSets.
!
cryptoipsectransformsetMOSTSECUREespaes256espshahmac
!

2.DefineIPSecCryptoMap
!
accesslist100permitip10.1.1.00.0.0.25510.2.2.00.0.0.255
!
cryptomapPTIPSEC1000ipsecisakmp
descriptionPacketTracerIPSECTestCryptoMap
setpeer172.16.2.1
setpfsgroup5

HotPosts

Loopbackdetected,portwenterrordisabled
suddenly

Observeandconfiguredesigna
switchasSpanningTree
Protocol'srootrole(CNA030

setsecurityassociationlifetimeseconds120
settransformsetMOSTSECURE
matchaddress100

DualStackIPv6andIPv4
configuration(CNA04006)

3.DefineISAKMPpolicytoprotectpreviousIPSecSecurityAssociation

DefaultreservedVLANnumbe
onCiscoIOSandNXOS

!
cryptoisakmppolicy100
encraes256
authenticationpreshare

BGPsamplepractice,inthene
PacketTracer5.3

group5
lifetime60

http://showipprotocols.blogspot.nl/2015/05/sitetositeipsecvpnconfiguration.html

1/4

1/28/2016

ShowIPProtocols:SitetositeIPSecVPNConfigurationExample(ptipsec.pkt),usingPacketTracerVersion5.2
!

Northbound,Southbound,and
East/Westbound.Whatdothe
mean?

4.DefineAuthenticationKey.Inthissimpleexample,Ijustusesimple"PreShared
Key"authentication.

HowtoremoveVTPdomainstring:2reload

!
cryptoisakmpkeysamekeyaddress172.16.2.1

LatestComments

Iamreallygladtoknowithelps!Thanksa
fo...

5.AttachIPSecCryptoMaptooutgoinginterface.

Ilikedthatthanks,justusedittofixa
problem...

Greatpost.MyfriendtoldmeIneedtolook
Ci...

interfaceSerial0/0/0

Q1:&quotificonsideraneBGPscenarios
ha...

IcreatedanewpostaboutExternalBGP.Y
cant...

ipaddress172.16.1.1255.255.255.252
cryptomapPTIPSEC

LiJiHongon"ShowIP

118likes

Doyoulikethispost?Youreallyshouldconsider
SubscribingbyEmail!

LikePage

Bethefirstofyourfriendstolikethis

+2 Recommend this on Google

Tweet

Like

LiJiHongon"ShowIP
Protocols"

Youmightalsolike:

January13at1:35amTaipei,Taiwan

IfyoucannotloginabrandnewCisco
UCSCSeriesServerwiththedefault
password"password",itcouldbeCisco's
fault.
BGPsample
practice,inthenew
PacketTracer5.3

SimpleBGP
MultipathTestin
PacketTracer5.3

PacketTracer5.0
Released!

SolvingClassful
addressing
problem,usingRIP
(CNA02005)

PPPwithCHAP
Authentication,
QuickReference

http://www.cisco.com///docs/field
notices/640/fn64093.html

Linkwithin

FieldNotice:FN64093
UCSCSeriesDefault
PasswordforUnits
CISCO.COM

Followers

Jointhissite
withGoogleFriendConnect

Members(16)

RelatedPosts:IPSec,Security
PostedbyLiJiHongat10:29PM

Thumbs up (0)

Reactions:

0Comments

Agree (0)

Alreadyamember?Signin

Disagree (0)

Sortby Oldest

Addacomment...

FacebookCommentsPlugin

http://showipprotocols.blogspot.nl/2015/05/sitetositeipsecvpnconfiguration.html

2/4

1/28/2016

ShowIPProtocols:SitetositeIPSecVPNConfigurationExample(ptipsec.pkt),usingPacketTracerVersion5.2

1 comment

Add a comment as Renzo Caldato

Top comments

Li-Ji Hong () via Google+ 8 months ago (edited) - Shared publicly

BlogArchive

This
is just an old version of IPSec configuration example on Cisco IOS
using Packet Tracer. I still post it here in case you find it helpful to you.

2015(10)
October(1)

http://showipprotocols.blogspot.com/2015/05/site-to-site-ipsec-vpnconfiguration.html
+1
2

June(1)
May(1)

SitetositeIPSecVPNConfigurationExam
(pti...

1 Reply

April(1)
February(4)
January(2)
2014(15)
2013(19)
2012(7)
2011(10)
2010(30)

Nocomments:

2009(48)

PostaComment

2007(3)

2008(13)

Tip:youcanalsoanonymouslycommenthere.

Labels

BGP Books BYOD CCIE CCNA

Exploration 4.0 CCNP CHAP
Cisco Network Academy
ACL

Enteryourcomment...

Products Cisco UCS Cisco.com Cloud

Comments DataCenter Default Route
Commentas:

Redundancy DNS EIGRP

chinoso(Google)

Lab Tips

Exam Preparation

Frame Relay Ideas IOS IOS Limits IOS XR

Signout
Publish

Comp

Maintenance Tips Manual

Route

OpinionsNASNAT NXOS Optical OSPF

Tracer
Notifyme

Preview

PAT PPP Quick Reference

CommunicationRIPRouteronaStick Routing Con

SDN Security Small and Medium Businesses

Grid Spanning Tree Protocol SSL VPN
this Blog Take a Break TFTP Timely Info
Unified Communications Virtualization VLAN

VTPWindowsWirelessLAN

ThisworkbyLIJIHONGislicensedundera
CreativeCommonsAttribution3.0Unported
License.

[Mailtome]
[]

Linkstothispost
CreateaLink

NewerPost

Home

OlderPost

Subscribeto:PostComments(Atom)

AdChoices

IPSecVPNCiscoCCNA CiscoVPN IPAddress

PopularPosts

BGPsamplepractice,inthenewPacketTracer5.3
IcreatedthispracticetotestthePacketTracer5.3featuresofBGP.

DualStackIPv6andIPv4configuration(CNA04006)
CCNAExploration4.0,Semester4,"DualStackIPv6andIPv4configuration"PacketTracer5.0practicefile(CNA04
006)....

http://showipprotocols.blogspot.nl/2015/05/sitetositeipsecvpnconfiguration.html

3/4

1/28/2016

ShowIPProtocols:SitetositeIPSecVPNConfigurationExample(ptipsec.pkt),usingPacketTracerVersion5.2

Loopbackdetected,portwenterrordisabledsuddenly
OneworkingswitchportonmyCiscoCatalyst2950suddenlywentdownbyitself!Ofcourse,myphonerangwhenI
washavingdinner,andthe...
HowtoremoveVTPdomainstring:2reloads
TorestoreaIOSswitchtoa"wholenew"state,itisnecessarytocleareventhe"VTPdomain"stringtonull.I
thought...
UsingTFTPtorecoverCiscoIOSImagefile,andtobackup/restoreconfigurations(CNA04003)
CCNAExploration4.0,Semester4,"UsingTFTPtorecoverCiscoIOSImagefile,andtobackup/restore
configurations"PacketTracer...

AdChoices

MyIP

IPSecIPV6 IPV6Cisco CiscoExam

Tweets

Follow

LiJi Hong @hongliji

How to tell whether a video file is 1080i or 1080p?: I found my
answer here and it works for goo.gl/fb/8GP6i0

2h

Show Summary

LiJi Hong @hongliji

goo.gl/fb/xv23aZ

25 Jan

Show Summary

LiJi Hong @hongliji

25 Jan
:
goo.gl/fb/tU1zJK
Show Summary

LiJi Hong @hongliji

25 Jan
:

goo.gl/fb/bhypUX
Show Summary

LiJi Hong @hongliji

21 Jan
Zoochosis: Escalator Music: An der schnen blauen Donau op.
314: I like the music. Wiki goo.gl/fb/0fc6M3
Show Summary

LiJi Hong @hongliji

3G:

14 Jan

Tweet to @hongliji

CCNAExploration4.0,Semester2,CompanionPracticesbyLi
Ji,forCiscoNetworkAcademystudents

CCNAExploration4.0,Semester3,CompanionPracticesbyLi
Ji,forCiscoNetworkAcademystudents

CCNAExploration4.0,Semester4,CompanionPracticesby
Ji,forCiscoNetworkAcademystudents

Manualroutesonlyconfigurationpractice(CNA02
001)

EnableVirtualLAN(VLAN)toseperatetwoLayer2
worlds(CNA03001)

ConfiguringPPPonserialinterfacesandCHAP
Authentication(CNA04001)

Automaticroutingtablemaintenancebyrouting
protocolconfiguration,usingRIPv1(CNA02002)

ProvidingtwoVirtualLAN(VLAN),using2connected
switches(CNA03002)

FrameRelayandRIPproblemconfigurationand
observation(CNA04002)

Automaticroutingtablemaintenancebyrouting
protocolconfiguration,stillusingRIPv1(CNA02003)

ProvidingtwoVirtualLAN(VLAN),using3connected
switches(CNA03003)

UsingTFTPtorecorverCiscoIOSImagefile,andt
backup/restoreconfigurations(CNA04003)

ObserveadvertisementofDefaultRoutebyautomatic
routingprotocol,stillusingRIPv1(CNA02004)

EnableVTPtodistributeVLANinformation,and
providetwoVirtualLAN(VLAN),using3connected
switches(CNA03004)

UsingAccessControlList(ACL)torestrictinbound
Internetaccess(CNA04004)

SolvingClassfuladdressingproblem,usingRIP(CNA
02005)
ObserveandsolveClassfuladdressingproblem,using
EIGRP(CNA02006)
ObserveandsolveClassfuladdressingproblem,using
OSPF(CNA02007)

ObserveandconfiguredesignatedswitchasSpanning
TreeProtocol'srootrole(CNA03005)
Provideacross3VLANs,Layer3connectivityusinga
routerwith3LANinterfaces(CNA03006)
Provideacross3VLANs,Layer3connectivityusinga
routerwithsingleLANinterface(CNA03007)

ConfigureNAT/PATtoenableoutboundInternet
connectivity(CNA04005)

DualStackIPv6andIPv4configuration(CNA040

TotalPageviews(Since2010)

196905

Simpletemplate.TemplateimagesbyNikada.PoweredbyBlogger.

http://showipprotocols.blogspot.nl/2015/05/sitetositeipsecvpnconfiguration.html

4/4