VPN Config
Hi guys,
We have a watchguard firebox running at our HQ and a remote user with a Cisco 827 and I want to set up a static VPN tunnel between the two. The watchguard config is good but I would just like some help with the cisco config. This is what I have so far:
crypto isakmp policy 15
encryption 3des
authentication pre-share
group 2
crypto isakmp key sharedkey address x.x.x.x
!
crypto ipsec transform-set xxxVPN esp-3des esp-md5-hmac
!
crypto map test 100 ipsec-isakmp
set peer x.x.x.x
set transform-set xxxVPN
match address 150
access-list 150 permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255
Does this look lacking or is it correct? I'm not 100% sure on this one.
Another problem I have is that the 827 wont accept the access-list statement the way I have written it, it asks for the protocol(IP) in hex which is 0x800 but then it asks for a protocol mask in hex too.
Cheers --
Stephen
We have a watchguard firebox running at our HQ and a remote user with a Cisco 827 and I want to set up a static VPN tunnel between the two. The watchguard config is good but I would just like some help with the cisco config. This is what I have so far:
crypto isakmp policy 15
encryption 3des
authentication pre-share
group 2
crypto isakmp key sharedkey address x.x.x.x
!
crypto ipsec transform-set xxxVPN esp-3des esp-md5-hmac
!
crypto map test 100 ipsec-isakmp
set peer x.x.x.x
set transform-set xxxVPN
match address 150
access-list 150 permit ip x.x.x.x 0.0.0.255 x.x.x.x 0.0.0.255
Does this look lacking or is it correct? I'm not 100% sure on this one.
Another problem I have is that the 827 wont accept the access-list statement the way I have written it, it asks for the protocol(IP) in hex which is 0x800 but then it asks for a protocol mask in hex too.
Cheers --
Stephen
I am the lizard King. I can do anything.