how to configured two routers cisco 1841 vpn configuration with serial cable with commands

bygolla bala prathap -
0

 how to configured two routers cisco 1841 vpn configuration with serial cable with commands

Cisco 1841 Site-to-Site VPN Configuration Using Serial Cable

This example shows how to configure two Cisco 1841 Integrated Services Router routers with:

  • Serial cable connection

  • Static IP addresses

  • Site-to-Site IPSec VPN

  • Basic routing

Network Diagram

LAN1 ---- Router1 ===== Serial Cable ===== Router2 ---- LAN2

PC1                               PC2
192.168.1.0/24                    192.168.2.0/24

IP Address Table

DeviceInterfaceIP Address
Router1FastEthernet0/0192.168.1.1
Router1Serial0/0/010.0.0.1
Router2FastEthernet0/0192.168.2.1
Router2Serial0/0/010.0.0.2

Step 1: Connect the Routers

Use:

  • Serial DCE cable

  • Connect Serial0/0/0 ↔ Serial0/0/0

One router must provide clock rate.

Step 2: Configure Router1

Enter Privileged Mode

enable
configure terminal

Configure Interfaces

interface fastethernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
exit

interface serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown
exit

Configure Static Route

ip route 192.168.2.0 255.255.255.0 10.0.0.2

Step 3: Configure Router2

enable
configure terminal

Configure Interfaces

interface fastethernet0/0
ip address 192.168.2.1 255.255.255.0
no shutdown
exit

interface serial0/0/0
ip address 10.0.0.2 255.255.255.252
no shutdown
exit

Configure Static Route

ip route 192.168.1.0 255.255.255.0 10.0.0.1

Step 4: Configure ISAKMP Policy (VPN Phase 1)

Router1

crypto isakmp policy 10
encryption aes
hash sha
authentication pre-share
group 2
lifetime 86400
exit

crypto isakmp key cisco123 address 10.0.0.2

Router2

crypto isakmp policy 10
encryption aes
hash sha
authentication pre-share
group 2
lifetime 86400
exit

crypto isakmp key cisco123 address 10.0.0.1

Step 5: Configure IPSec Phase 2

Router1

crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
exit

access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

crypto map VPN-MAP 10 ipsec-isakmp
set peer 10.0.0.2
set transform-set VPN-SET
match address 100
exit

interface serial0/0/0
crypto map VPN-MAP
exit

Router2

crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
exit

access-list 100 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

crypto map VPN-MAP 10 ipsec-isakmp
set peer 10.0.0.1
set transform-set VPN-SET
match address 100
exit

interface serial0/0/0
crypto map VPN-MAP
exit

Step 6: Save Configuration

Both Routers

end
write memory

OR

copy running-config startup-config

Step 7: Verify VPN

Check Interfaces

show ip interface brief

Check VPN Status

show crypto isakmp sa

show crypto ipsec sa

Step 8: Test Connectivity

From Router1:

ping 192.168.2.1

From Router2:

ping 192.168.1.1

Expected Result

  • Serial interfaces should be UP

  • VPN tunnel should establish automatically

  • PCs from both LANs can communicate securely

Useful Troubleshooting Commands

show running-config

show controllers serial 0/0/0

debug crypto isakmp

debug crypto ipsec

Simple VPN Process

  1. Configure interfaces

  2. Configure routing

  3. Configure ISAKMP policy

  4. Configure pre-shared key

  5. Configure IPSec transform set

  6. Create ACL

  7. Apply crypto map

  8. Test VPN

Popup Iframe Example

You may like these posts

Post a Comment

Previous Post Next Post