IP Networking Configuration
Configuration Guide 72 Document #: LTRT-31657
11.4.3 Multi-WAN with BGP and IPSec
This example shows a scenario with multi-WAN topology, involving two types of
technologies for redundant connectivity -- BGP dynamic routing protocol and IPsec VPN,
with each protocol running on a different physical interface.
This type of connectivity provides redundancy, security on untrusted circuits and an option
to fine-tune routing parameters in your network.
Figure 11-6: Multi WAN with BGP and IPsec
11.4.3.1 MSBR1 Configuration
configure data
access-list ipsec permit ip 192.168.0.0 0.0.0.255 any
crypto isakmp key P@ssw0rd address 10.10.10.20
crypto isakmp policy 1
encr aes 128
authentication pre-share
hash sha
group 2
lifetime 3600
exit
crypto ipsec transform-set crypto_set1 esp-aes 128 esp-sha-hmac
mode tunnel
exit
crypto map MAP1 1 ipsec-isakmp
set peer 10.10.10.20
set transform-set crypto_set1
set security-association lifetime seconds 28000
match address ipsec
set metric 42
exit
interface GigabitEthernet 0/0
ip address 20.20.20.10 255.255.255.0
mtu auto
desc "WAN Copper"
speed auto
duplex auto
no service dhcp
To Next Page
Loading...
Need help?
General
