147
Cisco 3900 Series, Cisco 2900 Series, and Cisco 1900 Series Integrated Services Routers Generation 2 Software Configuration Guide
Chapter Configuring Security Features
Configuring VPN
Step 3
tunnel source interface-type number
Example:
Router(config-if)# tunnel source
fastethernet 0
Router(config-if)#
Specifies the source endpoint of the router for the
GRE tunnel.
Step 4
tunnel destination default-gateway-ip-address
Example:
Router(config-if)# tunnel destination
192.168.101.1
Router(config-if)#
Specifies the destination endpoint of the router for
the GRE tunnel.
Step 5
crypto map map-name
Example:
Router(config-if)# crypto map static-map
Router(config-if)#
Assigns a crypto map to the tunnel.
Note Dynamic routing or static routes to the
tunnel interface must be configured to
establish connectivity between the sites.
See Cisco IOS Security Configuration
Guide: Secure Connectivity, Release
12.4T for details.
Step 6
exit
Example:
Router(config-if)# exit
Router(config)#
Exits interface configuration mode and returns to
global configuration mode.
Step 7
ip access-list {standard | extended}
access-list-name
Example:
Router(config)# ip access-list extended
vpnstatic1
Router(config-acl)#
Enters ACL
1
configuration mode for the named
ACL that the crypto map uses.
Step 8
permit protocol source source-wildcard
destination destination-wildcard
Example:
Router(config-acl)# permit gre host
192.168.100.1 host 192.168.101.1
Router(config-acl)#
Specifies that only GRE traffic is permitted on the
outbound interface.
Step 9
exit
Example:
Router(config-acl)# exit
Router(config)#
Returns to global configuration mode.
1. ACL = access control list
Command or Action Purpose
To Next Page
Loading...
