cisco ipsec over gre ALICO ROUTER
=======================================IP ================
! 172.31.238.9/30: the only other usable host on this subnet is 172.31.238.10.
interface FastEthernet0/0
ip address 172.31.238.9 255.255.255.252
duplex auto
speed auto
!
! 172.31.238.18/30: this address is reused later on this page as the GRE tunnel source.
interface FastEthernet0/1
description BDCOM Connectivity
ip address 172.31.238.18 255.255.255.252
! The "ip route" lines below are global-configuration commands, not interface sub-commands.
! Default route: next hop 172.31.238.17 is the other host on the FastEthernet0/1 /30.
ip route 0.0.0.0 0.0.0.0 172.31.238.17
! 10.40.94.0/24 is reached through 172.31.238.10 on the FastEthernet0/0 subnet.
ip route 10.40.94.0 255.255.255.0 172.31.238.10
! Both host routes use next hop 172.16.65.1, which sits on the Tunnel1 /30 (172.16.65.2/30)
! configured later on this page, so this traffic is meant to leave through the tunnel.
! NOTE(review): if Tunnel1 goes down these two routes are withdrawn and the destinations
! would match the default route instead - confirm that cleartext fallback is acceptable or blocked.
ip route 119.40.81.1 255.255.255.255 172.16.65.1 name BDCOM_IPTSP
ip route 119.40.81.5 255.255.255.255 172.16.65.1 name BDCOM_IPTSP
===================================ipsec ====
! IKE phase 1 policy. This transcript sets only the encryption algorithm; the running-config
! further down this page also carries "authentication pre-share", which is missing here.
R2(config)#crypto isakmp policy 10
! NOTE(review): the transform-set line is pasted between the policy line and its sub-command;
! "encr 3des" two lines below belongs to the isakmp policy entered above.
! 3DES is a legacy 64-bit block cipher. Where both peers support it, an AES transform
! (for example esp-aes 256) is the usual replacement; the remote peer must be changed to match.
R2(config)#crypto ipsec transform-set alico esp-3des esp-sha-hmac
R2(config-isakmp)# encr 3des
! NOTE(review): no hash, group or lifetime line is shown, so the platform defaults apply.
! Check the effective values with "show crypto isakmp policy" and set an explicit
! Diffie-Hellman group that both ends support rather than relying on the default.
!
! Pre-shared key for peer 119.40.80.102. The key is short and is printed on this page, so
! treat it as exposed and replace it on both peers with a long random value.
! NOTE(review): the "6" keyword marks the string as already type-6 encrypted, but "test987"
! looks like cleartext - confirm which form was intended.
crypto isakmp key 6 test987 address 119.40.80.102
! Crypto map entry 1: traffic matching acl_alico is protected with transform-set alico
! towards the peer. No "set pfs" line is present in this entry.
crypto map alico_ipsec 1 ipsec-isakmp
set peer 119.40.80.102
set transform-set alico
match address acl_alico
exit
! Traffic-selection ACL for the crypto map. Traffic that does not match any permit line is
! forwarded without IPsec protection, so keep this list in step with the static routes that
! point into the tunnel (119.40.81.1 and 119.40.81.5 via 172.16.65.1).
ip access-list extended acl_alico
! Tunnel endpoint to tunnel endpoint (the two hosts of the Tunnel1 /30).
permit ip host 172.16.65.2 host 172.16.65.1
! LAN 10.40.94.0/24 to the two remote hosts only.
permit ip 10.40.94.0 0.0.0.255 host 119.40.81.1
permit ip 10.40.94.0 0.0.0.255 host 119.40.81.5
exit
! The crypto map is bound to the tunnel interface, i.e. IPsec is applied to packets routed
! into Tunnel1 before GRE encapsulation (the "IPsec over GRE" of the page title).
interface Tunnel1
crypto map alico_ipsec
======================GRE==========
! GRE tunnel to the remote site. GRE by itself provides no encryption or authentication;
! on this page the only protection is "crypto map alico_ipsec" applied to this interface
! in the ipsec section, and only for traffic matched by acl_alico.
interface Tunnel1
description tunnel_for_bdcomtoalico
ip address 172.16.65.2 255.255.255.252
! Source is the FastEthernet0/1 address; destination is the same address used as the IPsec peer.
! NOTE(review): no inbound ACL limiting GRE (IP protocol 47) to 119.40.80.102 is visible on
! this page - confirm one exists on the uplink interface.
tunnel source 172.31.238.18
tunnel destination 119.40.80.102
————-
! Disables the HTTPS management server.
! NOTE(review): the state of the plain HTTP server is not shown on this page; confirm that
! "no ip http server" is also configured.
no ip http secure-server
! Read-only SNMP community with no access-list argument, so any source that can reach the
! router may query it. SNMP v1/v2c sends the community string in cleartext, and this string
! is printed on this page, so change it. Hardening options: restrict the sources with
! "snmp-server community <COMMUNITY> RO <ACL>" or move to SNMPv3 with authentication and privacy.
snmp-server community access@bdcom RO
User====pass
! "enable password" is stored in cleartext, or as reversible type 7 when
! service password-encryption is on. The running-config further down this page uses
! "enable secret 5" instead, which is the form to keep. The value below is printed on this
! page and is reused for user bdcom, so rotate it in both places.
enable password BDc0m987
! Console line: password-only login with a trivially guessable value.
Router(config)#line console 0
Router(config-line)#password cisco
Router(config-line)#login
Router(config-line)#exit
Router#config terminal
! VTY lines 0-4: same guessable line password, reachable over the network.
Router(config)#line vty 0 4
Router(config-line)#password cisco
! NOTE(review): two commands are fused on the next line ("login" and "transport input telnet").
! Telnet carries credentials and the whole session in cleartext; "transport input ssh"
! together with an access-class restricting source addresses is the hardened alternative.
Router(config-line)#login transport input telnet
Router(config-line)#exit
! Local users. "password 7" is a reversible encoding, not a hash; prefer
! "username <NAME> secret <PASSWORD>" so a hash is stored instead.
username cisco privilege 7 password 7 XXX
username alico privilege 7 password 7 XXX
! NOTE(review): the "7" keyword expects an already-encoded string, but the value given is
! the same cleartext as the enable password above - confirm the intended form and do not
! reuse one password for both the privilege-15 user and enable.
username bdcom privilege 15 password 7 BDc0m987
! Converts cleartext passwords in the configuration to type 7 only; it does not hash them.
service password-encryption
============
alico#show running-config
Building configuration…
Current configuration : 1842 bytes
!
! NOTE(review): 12.4 is an old IOS release train - check its vendor support status and
! which IKE/IPsec algorithms it offers before relying on this device for a VPN.
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
! Applies type 7 encoding to cleartext passwords; type 7 is reversible, not a hash.
service password-encryption
!
hostname alico
!
boot-start-marker
boot-end-marker
!
! Type 5 (salted MD5) enable secret. The full hash is printed on this page, which allows
! offline guessing, so the enable secret should be changed on the device.
enable secret 5 $1$YEA9$hN85qpsBylWJ4HbJpBDd4.
!
! AAA is enabled. NOTE(review): no "aaa authentication" or "aaa authorization" method lists
! appear in the visible part of the output - confirm how logins on the console and VTY lines
! are actually authenticated.
aaa new-model
!
!
!
!
aaa session-id common
ip cef
!
!
!
!
!
multilink bundle-name authenticated
!
!
!
!
! Local accounts stored as type 7 strings. Type 7 is reversible, and these strings are
! printed on this page, so treat all four passwords as exposed: change them and store them
! with "username <NAME> secret <PASSWORD>".
! The first three entries carry no privilege keyword, unlike the setup section earlier on
! this page (privilege 7 / 7 / 15); only aminul has privilege 15 here.
username cisco password 7 070D254F1E04405D40
username alico password 7 080140470A49544641
username bdcom password 7 143536085C09737373
username aminul privilege 15 password 7 121F0C05011F5F577378
!
!
!
! IKE phase 1 policy as stored on the router: 3DES encryption with pre-shared-key
! authentication. No hash, group or lifetime line is shown, so those run at platform defaults;
! verify them with "show crypto isakmp policy".
crypto isakmp policy 10
encr 3des
authentication pre-share
! Pre-shared key for peer 119.40.80.102, printed on this page and therefore exposed:
! replace it on both peers with a long random value.
! NOTE(review): a key stored as type 6 would normally appear as an encrypted string;
! "test987" after the "6" keyword suggests this line was edited before posting - confirm.
crypto isakmp key 6 test987 address 119.40.80.102
!
!
! Phase 2 transform: ESP with 3DES and HMAC-SHA. 3DES is a legacy 64-bit block cipher;
! an AES transform is the usual replacement when the remote peer supports it.
crypto ipsec transform-set alico esp-3des esp-sha-hmac
!
! Crypto map entry 1 ties peer, transform-set and the acl_alico traffic selector together.
! No "set pfs" line is present in this entry.
crypto map alico_ipsec 1 ipsec-isakmp
set peer 119.40.80.102
set transform-set alico
match address acl_alico
!
!
!
!
interface Tunnel1