ExamNotes.net - IT certification portal

ForumsCertResearchTop sitesNewslettersFree email
HomeRegister
Exams Notes
Practice exams
Exam games
Questions by email
Online training
Training videos
College degrees
Boot camps
Book store
Links directory
Tell a friend
For webmasters

CompTIA Exam Vouchers
Save money on CompTIA exams
Question of the day
Sign up to receive
interactive practice questions
for MCSE, CompTIA
Cisco and other exams
TestKing
Get MCSE, MCSD, CCNA, CCNP,A+, N+ and many more

* ExamSheets *
Guide for Success!
Actual Questions & Answers
MCSE, MCSD, A+ ,CCNA, CCNP
Oracle 8i, Oracle 9i

Online practice tests

Certification sites

Online university

Online college

Online education

Distance learning

Software forum

Server administration forum

Programming resources




This is interesting: Free IT Magazines | Databases help forum



Cisco > CCNP > 3640 to 3640 ipsec vpn configuration
Show a Printable Version
Email This Page to Someone!
Receive updates to this thread



Featured site: Online CCNP practice exams from Cert21.com



Author 3640 to 3640 ipsec vpn configuration
beenframed
Senior Member




Registered: Sep 2000
Location: NYC
Country: USA
State:
Certifications: A+
Working on:

Total Posts: 396
3640 to 3640 ipsec vpn configuration

I have been asked to set up an ipsec vpn between two 3640's, both of them are behind firewalls. Does anyone have links to good reference material that will help me out.

Thanks,

-bf

__________________
BeenFramed

Report this post to a moderator

Old Post 12-13-01 06:18 PM
beenframed is offline Click Here to See the Profile for beenframed Click here to Send beenframed a Private Message Add beenframed to your buddy list Find more posts by beenframed Reply w/Quote Edit/Delete Message IP: Logged
MadChef
A Huge Fake




Registered: Sep 2000
Location:
Country: USA
State:
Certifications:
Working on: A Sex Farm

Total Posts: 1426

If the firewalls are doing NAT, it's very difficult to get IPSec to function properly between devices behind the firewalls because the firewall would need to change information in the header and that would break the hashing done by IPSec. The typical way around this that I know of is to encapsulate IPSec packets in UDP datagrams and then NAT those, but I don't know that IOS can do this.
The first thing I would recommend is trying to do this between your firewalls if possible. Failing that, start studying.

An introduction to IPSec:
http://www.cisco.com/warp/public/105/IPSECpart1.html

The IPSec support page with lots of links to configs:
http://www.cisco.com/cgi-bin/Suppor...etworking:IPSec


IPSec router to router w/ preshared keys:
http://www.cisco.com/warp/customer/...d_private.shtml

Good luck.

MadChef

Report this post to a moderator

Old Post 12-14-01 09:55 AM
MadChef is offline Click Here to See the Profile for MadChef Click here to Send MadChef a Private Message Add MadChef to your buddy list Find more posts by MadChef Reply w/Quote Edit/Delete Message IP: Logged
sidodgers
Member




Registered: Nov 2001
Location: Melbourne
Country: Australia
State:
Certifications: CCNA, CCNP, CCIE (written)
Working on: CCIE (other bit), SCSA/SCNA

Total Posts: 72

OK,

further to the above, on the firewall at each end you'll need to permit IP protocols 50 and 51 (ESP and AH, the 'new' and 'old' IPSec protocols respectively,) and UDP port 500 from one end to the other.

Report this post to a moderator

Old Post 12-16-01 05:46 AM
sidodgers is offline Click Here to See the Profile for sidodgers Click here to Send sidodgers a Private Message Add sidodgers to your buddy list Find more posts by sidodgers Reply w/Quote Edit/Delete Message IP: Logged
All times are GMT.
Post new thread   Post reply

Click here for CCNP study guides

Cisco exam notes

Forum Jump:
Rate This Thread:
Forum Rules:
Who Can Read The Forum? Any registered user or guest.
Who Can Post New Topics? Any registered user.
Who Can Post Replies? Any registered user.
Changes: Messages can be edited by their author.
Posts: HTML code is OFF. Smilies are ON. vB code is ON. [IMG] code is ON.		  

ExamNotes forum archive

Copyright © 1999 - 2006 ExamNotes.net Inc. All rights reserved.

Powered by: vBulletin 2.2.8
Copyright ©2000, Jelsoft Enterprises Limited.

  Free Braindumps | mcse braindumps