Question : Cisco router IP sec VPN configuration

I did this IP sec configuration in Cisco routers but it doesn't work  
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
Router2#show running-config
Building configuration...

Current configuration : 1236 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 ???????
enable password ???????
!
no aaa new-model
ip cef
!
!
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key 6 iccsat6677888 address 79.170.7.38
!
!
crypto ipsec transform-set iccsat6677888 ah-sha-hmac esp-aes 256
!
crypto map iccsat6677888 1 ipsec-isakmp
 set peer 79.170.7.38
 set security-association lifetime seconds 190
 set transform-set iccsat6677888
 match address 101
!
!
!
interface FastEthernet0/0
 ip address 79.170.6.14 255.255.255.240
 duplex auto
 speed auto
 crypto map iccsat6677888
!
interface FastEthernet0/1
 ip address 192.168.15.1 255.255.255.0
 duplex auto
 speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 79.170.6.1
!
no ip http server
no ip http secure-server
!
access-list 101 permit ip 0.0.0.0 255.255.255.0 any
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password ?????????
 login
!
scheduler allocate 20000 1000
end

Router2#
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
46:
47:
48:
49:
50:
51:
52:
53:
54:
55:
56:
57:
58:
59:
60:
61:
62:
63:
64:
65:
66:
67:
68:
69:
70:
71:
72:
73:
74:
75:
76:
77:
78:
79:
80:
81:
82:
83:
84:
85:
86:
87:
88:
89:
90:
91:
92:
93:
94:
95:
96:
97:
98:
99:
100:
101:
102:
103:
104:
105:
106:
107:
108:
109:
110:
111:
112:
113:
114:
115:
116:
117:
118:
119:
120:
121:
122:
123:
124:
125:
126:
127:
Router1#show RUNning-config
Building configuration...


Current configuration : 1354 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable password ???????????/
!
no aaa new-model
dot11 syslog
!
!
ip cef
!
!
!
multilink bundle-name authenticated
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
crypto isakmp policy 1
 hash md5
 authentication pre-share
crypto isakmp key 6 iccsat6677888 address 79.170.6.14
!
!
crypto ipsec transform-set iccsat6677888 ah-sha-hmac esp-aes 256
!
crypto map iccsat6677888 1 ipsec-isakmp
 set peer 79.170.6.14
 set security-association lifetime seconds 190
 set transform-set iccsat6677888
 match address 101
!
crypto map vpn1 1 ipsec-isakmp
 ! Incomplete
!
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 79.170.7.38 255.255.255.248
 ip broadcast-address 79.170.7.32
 duplex auto
 speed auto
 crypto map iccsat6677888
!
interface FastEthernet0/1
 ip address 192.168.200.1 255.255.255.0
 duplex auto
 speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 79.170.7.33
!
!
no ip http server
no ip http secure-server
!
access-list 101 permit ip 0.0.0.0 255.255.255.0 any
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password ????????
 login
!
scheduler allocate 20000 1000
!
end

Router1#

Answer : Cisco router IP sec VPN configuration

Hi,

you missed the acls:

you need the following:

Router A
conf t
no access-list 101
access-list 101 permit ip 192.168.15.0 0.0.0.255 192.168.200.0 0.0.0.255

Router B
conf t
no access-list 101
access-list 101 permit ip 192.168.200.0 0.0.0.255 192.168.15.0 0.0.0.255
Random Solutions  
 
programming4us programming4us