Site to Site VPN
Policy Based & Route Based
Dhruv Sharma
Introduction
• In this session we will set up a site-to-site VPN between two Cisco IOS routers, one configured with a route-based VPN and the other with a policy-based VPN.
Topology
Pre-configured - R1
!
hostname R1
!
! Loopback1 represents the protected network behind R1 (11.0.0.0/8)
interface Loopback1
 ip address 11.11.11.1 255.0.0.0
!
interface GigabitEthernet0/0
 ip address 10.10.10.10 255.0.0.0
 no shutdown
!
Pre-Configured – R2
!
hostname R2
!
! Loopback1 represents the protected network behind R2 (12.0.0.0/8)
interface Loopback1
 ip address 12.12.12.1 255.0.0.0
!
interface GigabitEthernet0/0
 ip address 10.10.10.11 255.0.0.0
 no shutdown
!
• Configuration – R1
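!
! IKE Phase 1 (ISAKMP) policy; must match R2
! Lab values: 3DES, MD5 and DH group 2 are legacy algorithms
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
! Pre-shared key for peer R2
crypto isakmp key cisco address 10.10.10.11
!
! IPsec Phase 2 transform set; must match R2
crypto ipsec transform-set ra-set esp-3des esp-md5-hmac
!
crypto ipsec profile profile1
 set transform-set ra-set
!
!
! Route-based side: tunnel interface protected by the IPsec profile
interface Tunnel1
 ip address 192.168.1.1 255.255.255.0
 tunnel source GigabitEthernet0/0
 tunnel mode ipsec ipv4
 tunnel destination 10.10.10.11
 tunnel protection ipsec profile profile1
!
! Traffic for R2's 12.0.0.0/8 is routed into the tunnel
ip route 12.0.0.0 255.0.0.0 Tunnel1
!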
• Configuration – R2
!
! IKE Phase 1 (ISAKMP) policy; same values as R1
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
! Pre-shared key for peer R1
crypto isakmp key cisco address 10.10.10.10
!
crypto ipsec transform-set ra-set esp-3des esp-md5-hmac
!
! Policy-based side: the crypto map selects traffic with access-list 101
crypto map babi 20 ipsec-isakmp
 set peer 10.10.10.10
 set transform-set ra-set
 match address 101
!
!
ip route 0.0.0.0 0.0.0.0 10.10.10.10
!
! Interesting traffic: R2's 12.0.0.0/8 to R1's 11.0.0.0/8
access-list 101 permit ip 12.0.0.0 0.255.255.255 11.0.0.0 0.255.255.255
!
interface GigabitEthernet0/0
 ip address 10.10.10.11 255.0.0.0
 duplex auto
 speed auto
 media-type rj45
 crypto map babi
!
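The following Python check is an added example, not part of the original slides. It parses constructed excerpts of the R1 and R2 configurations, compares the Phase 1 and Phase 2 proposals, derives each side's traffic selectors (assuming a static VTI offers any/any and a crypto map offers its ACL), and flags legacy algorithms. The function names and finding labels are hypothetical.

```python
import re

# Constructed excerpts of this page's R1 (route-based) and R2 (policy-based) configs.
COMMON = """crypto isakmp policy 1
 encr 3des
 hash md5
 group 2
crypto ipsec transform-set ra-set esp-3des esp-md5-hmac
"""
R1 = COMMON + "interface Tunnel1\n tunnel mode ipsec ipv4\n"
R2 = COMMON + """crypto map babi 20 ipsec-isakmp
 match address 101
access-list 101 permit ip 12.0.0.0 0.255.255.255 11.0.0.0 0.255.255.255
"""
LEGACY = {"3des", "des", "md5", "esp-3des", "esp-des", "esp-md5-hmac"}

def proposal(cfg):
    """Phase 1 and Phase 2 parameters that both peers must agree on."""
    p = dict(re.findall(r"^ (encr|hash|group) (\S+)$", cfg, re.M))
    m = re.search(r"^crypto ipsec transform-set \S+ (.+)$", cfg, re.M)
    p["transforms"] = tuple(m.group(1).split()) if m else ()
    return p

def cidr(addr, wildcard):
    host_bits = sum(bin(int(o)).count("1") for o in wildcard.split("."))  # contiguous mask assumed
    return f"{addr}/{32 - host_bits}"

def selectors(cfg):
    """Traffic selectors: a static VTI offers any/any, a crypto map offers its ACL."""
    if re.search(r"^ tunnel mode ipsec ipv4$", cfg, re.M):
        return ("0.0.0.0/0", "0.0.0.0/0")
    acl = re.search(r"^ match address (\d+)$", cfg, re.M)
    m = acl and re.search(rf"^access-list {acl[1]} permit ip (\S+) (\S+) (\S+) (\S+)$", cfg, re.M)
    return (cidr(m[1], m[2]), cidr(m[3], m[4])) if m else None

def audit(a, b):
    """Findings for a peer pair: mismatches, selector asymmetry, legacy crypto."""
    pa, pb = proposal(a), proposal(b)
    out = [f"mismatch:{k}" for k in pa if pa[k] != pb.get(k)]
    sa, sb = selectors(a), selectors(b)
    if sa and sb and sa != sb[::-1]:  # b's local/remote should mirror a's
        out.append("selectors-differ")
    for name, p in (("a", pa), ("b", pb)):
        used = {p.get("encr"), p.get("hash"), *p["transforms"]}
        out += [f"legacy:{name}:{v}" for v in sorted(used & LEGACY)]
        if p.get("group") in {"1", "2", "5"}:  # DH groups below 2048-bit MODP
            out.append(f"legacy:{name}:group{p['group']}")
    return out

print("\n".join(audit(R1, R2)))
```

The `selectors-differ` finding marks the asymmetry between the route-based and policy-based ends, which is the first thing to compare against the verification output if the tunnel does not come up.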
• Verification
References
• https://community.cisco.com/t5/security-blogs/connect-route-based-vpn-connect-to-policy-based-vpn/ba-p/4624682
• https://packetlife.net/blog/2011/aug/15/policy-based-vs-route-based-vpns-part-1/
• Lab Work
Routebased-Policybased VPN.pptx