I have a router (router A) with two networks behind it and need to create an IPsec tunnel to another router (router B):
Router A
Network A 10.1.1.0/24
Network B 172.16.20.0/24
Router B
Network 10.0.0.0/24
This is what I have tried and it doesn't work.
ip ipsec peer print:
address=b.b.b.b/32:500 auth-method=pre-shared-key
secret="#d4ed8oecldrtc!" generate-policy=no exchange-mode=main
send-initial-contact=yes nat-traversal=no proposal-check=obey
hash-algorithm=sha1 enc-algorithm=3des dh-group=modp1024 lifetime=1d
lifebytes=0 dpd-interval=disable-dpd dpd-maximum-failures=5
ip ipsec proposal print:
name="default" auth-algorithms=sha1 enc-algorithms=3des lifetime=30m pfs-group=none
ip ipsec policy print:
0 src-address=10.1.1.0/24:any dst-address=10.0.0.0/24:any protocol=all
action=encrypt level=require ipsec-protocols=esp tunnel=yes
sa-src-address=a.a.a.a sa-dst-address=b.b.b.b
proposal=default priority=0
1 src-address=172.16.20.0/24:any dst-address=10.0.0.0/24:any protocol=all
action=encrypt level=require ipsec-protocols=esp tunnel=yes
sa-src-address=a.a.a.a sa-dst-address=b.b.b.b
proposal=default priority=0
Router A outside address replaced with (a.a.a.a)
Router B outside address replaced with (b.b.b.b)
How can I make this work?
Thanks,