Scribd
Upload
122 views3 pages

VPN Tunnel Configuration Using Packet Tracer

VPN tunnel configuration using Packet Tracer

Uploaded by

Riyad Alelwany
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
122 views3 pages

VPN Tunnel Configuration Using Packet Tracer

VPN tunnel configuration using Packet Tracer

Uploaded by

Riyad Alelwany
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

VPN tunnel configuration using Packet Tracer

a VPN tunnel using Cisco Packet Tracer, follow these steps. This guide assumes you are
setting up an IPSec Site-to-Site VPN between two routers.

Network Topology

 Site A (Egypt): Inside Network: 192.168.3.0/24


 Site B (Italy): Inside Network: 192.168.4.0/24
 Public IPs: Egypt (12.0.0.1) and Italy (12.0.0.2)

Steps

1. Configure the Interfaces

Assign IP addresses to router interfaces.

Egypt:

interface Serial0/0/0
ip address 12.0.0.1 255.0.0.0
no shutdown

interface GigabitEthernet0/0
ip address 192.168.3.1 255.255.255.0
no shutdown

Italy:

interface Serial0/0/1
ip address 12.0.0.2 255.0.0.0
no shutdown

interface GigabitEthernet0/0
ip address 192.168.4.1 255.255.255.0
no shutdown

2. Enable the Security Technology package.

license boot module c1900 technology-package securityk9


3. Define the IKE Phase 1 Policy

IKE (Internet Key Exchange) is a protocol used in IPsec to securely establish a shared
cryptographic key and negotiate security associations (SAs) between devices. It ensures
that the communication is authenticated, secure, and encrypted.

Configure the ISAKMP policy on both routers.

Egypt and Italy:

crypto isakmp policy 10


encr aes 256
hash sha
authentication pre-share
group 5
lifetime 86400

Set the pre-shared key:

crypto isakmp key vpnpa55 address 12.0.0.1


crypto isakmp key vpnpa55 address 12.0.0.2

4. Define the Transform Set for Phase 2

Specify how traffic will be encrypted.

Egypt and Italy:

crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac

5. Configure the Crypto Map

Link the VPN configuration to the appropriate interface.

Egypt:

crypto map VPN-MAP 10 ipsec-isakmp


description VPN connection to Router Italy
set peer 12.0.0.2
set transform-set VPN-SET
match address 110

interface Serial0/0/0
crypto map VPN-MAP

Italy:

crypto map VPN-MAP 10 ipsec-isakmp


description VPN connection to Router Egypt
set peer 12.0.0.1
set transform-set VPN-SET
match address 110

interface Serial0/0/1
crypto map VPN-MAP

6. Define the Traffic to be Encrypted

Create access control lists (ACLs) to define the interesting traffic.

Egypt:

access-list 110 permit ip 192.168.3.0 0.0.0.255 192.168.4.0 0.0.0.255

Italy:

access-list 110 permit ip 192.168.4.0 0.0.0.255 192.168.3.0 0.0.0.255

7. Verify the Configuration

 Ping Test: Test connectivity between devices in the inside networks (e.g.,
192.168.3.2 to 192.168.4.2).
 Use the following commands to verify the tunnel:

show crypto isakmp sa


show crypto ipsec sa

You might also like