Beispielconfig für IPsec VPN mit Cisco 1800er Routern.
ip domain name xxxxxxxxxx.xx
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
crypto isakmp key VPNSECRETKEY address 111.111.111.111
!
!
crypto ipsec transform-set TS_ESP-3DES esp-3des esp-sha-hmac
mode tunnel
crypto map IPSec-VPN 10 ipsec-isakmp
description IPSec Tunnel to Honolulu
set peer 111.111.111.111
set transform-set TS_ESP-3DES
match address 100
interface Dialer1
dialer pool 1
encapsulation ppp
ppp chap hostname <LOGIN>
ppp chap password <PASSWORD>
ppp pap sent-username <LOGIN>
password <PASSWORD>
ip address negotiated
ip mtu 1492
ip tcp adjust-mss 1452
ip nat outside
crypto map IPSec-VPN
!
no ip route 0.0.0.0 0.0.0.0
ip route 0.0.0.0 0.0.0.0 Dialer1
ip route 10.0.0.0 255.0.0.0 Null0 254 name Drop-Private-IPs
ip route 172.16.0.0 255.240.0.0 Null0 254 name Drop-Private-IPs
ip route 192.168.0.0 255.255.0.0 Null0 254 name Drop-Private-IPs
ip route 192.168.111.111 255.255.255.0 111.111.111.111 name Private Subnet on VN Target Site 