Xsr/cisco site-to-site example, Cisco configuration, Xsr/cisco site-to-site example -44 – Enterasys Networks Security Router X-PeditionTM User Manual

Configuration Examples

14-44 Configuring the Virtual Private Network

XSR/Cisco Site-to-Site Example

The following Site-to-Site configuration connects a Cisco 2600 router with internal/external IP
addresses of 192.168.3.5/192.168.2.5 to a XSR with internal/external IP addresses of 192.168.1.2/
192.168.2.2. The commands are displayed as they would appear when displayed in the
configuration file.

Cisco Configuration

version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption

hostname Cisco2600

enable secret 5 $1$9ljt$kg86F7Y1vsa2Np0Zj5wDf1
enable password welcome

ip subnet-zero

ip host spatel 192.168.1.1

crypto isakmp policy 1
hash md5
authentication pre-share
group 2
lifetime 1200

crypto isakmp policy 20
hash md5
authentication pre-share
lifetime 1200
crypto isakmp key welcome address 192.168.2.2

crypto ipsec security-association lifetime seconds 1800

crypto ipsec transform-set esp-des-md5 esp-des esp-md5-hmac

crypto map regular 1 ipsec-isakmp
set peer 192.168.2.2
set security-association lifetime kilobytes 10000
set security-association lifetime seconds 7200
set transform-set esp-des-md5
set pfs group2
match address 110

fax interface-type fax-mail
mta receive maximum-recipients 0