Hi Guys,

I'm trying to setup a VPN connection for the two PC's in the graphic below. I have the link between the two locations setup and secured, now I just need help with the routing elements.

Can someone let me know what I need to add to the firewall config in order to get this to work? Appreciate any help!



Here is what I have:

SITE A
------
access-list mpls_vpn_sitea extended permit ip host 172.168.199.1 host 172.168.199.2
access-list mpls_vpn_sitea extended permit ip TEST-LOCAL 255.255.255.0 TEST-REMOTE 255.255.255.0
crypto map mpls_vpn 1 match address mpls_vpn_sitea
crypto map mpls_vpn 1 set peer 172.168.199.2
crypto map mpls_vpn 1 set transform-set ESP-3DES-SHA
crypto map mpls_vpn interface MPLS
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac


SITE B
------
access-list mpls_vpn_siteb extended permit ip host 172.168.199.2 host 172.168.199.1
access-list mpls_vpn_siteb extended permit ip TEST-LOCAL 255.255.255.0 TEST-REMOTE 255.255.255.0
crypto map mpls_vpn 1 match address mpls_vpn_siteb
crypto map mpls_vpn 1 set peer 172.168.199.1
crypto map mpls_vpn 1 set transform-set ESP-3DES-SHA
crypto map mpls_vpn interface MPLS
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac


do I need to specify a route between the two networks? What do I need to have for NAT statements?

thanks!

add your nat exemptions and static routes (or routing protocols if you use them) between each site and your should be good to go!

_________________
CCNA, CCNA Security