7-9
Cisco Secure Router 520 Series Software Configuration Guide
OL-14210-01
Chapter 7 Configuring VPNs Using an IPsec Tunnel and Generic Routing Encapsulation
Configuration Example
Configuration Example
The following configuration example shows a portion of the configuration file for a VPN using a GRE
tunnel scenario described in the preceding sections.
!
aaa new-model
!
aaa authentication login rtr-remote local
aaa authorization network rtr-remote local
aaa session-id common
!
username cisco password 0 cisco
!
interface tunnel 1
ip address 10.62.1.193 255.255.255.252
Step 5
crypto map map-name
Example:
Router(config-if)# crypto map static-map
Router(config-if)#
Assigns a crypto map to the tunnel.
Note Dynamic routing or static routes to the
tunnel interface must be configured to
establish connectivity between the sites.
See the
Cisco IOS Security Configuration
Guide for details.
Step 6
exit
Example:
Router(config-if)# exit
Router(config)#
Exits interface configuration mode, and returns to
global configuration mode.
Step 7
ip access-list {standard | extended}
access-list-name
Example:
Router(config)# ip access-list extended
vpnstatic1
Router(config-ext-nacl)#
Enters ACL configuration mode for the named
ACL that is used by the crypto map.
Step 8
permit protocol source source-wildcard
destination destination-wildcard
Example:
Router(config-ext-nacl)# permit gre host
192.168.100.1 host 192.168.101.1
Router(config-ext-nacl)#
Specifies that only GRE traffic is permitted on the
outbound interface.
Step 9
exit
Example:
Router(config-ext-nacl)# exit
Router(config)#
Returns to global configuration mode.
Command or Action Purpose