Setting up a vpn via 2 cisco 837 routers

[Xavier4life]

Hey im completely new to Cisco but i have 2 new Cisco 837 routers and would like to join our two site via vpn but don’t have much of an clue what to do, so far all i have done is set them up as routers using the web interface. Any help would be appreciated

 

[MartinR82]

crypto isakmp policy 1
hash md5
authentication pre-share
group 2

crypto isakmp key Make1up address <peer address>

crypto ipsec transform-set set1 ah-md5-hmac esp-des

(this is assuming that single des is appropriate for your needs)

crypto map vpn-traffic 10 ipsec-isakmp
set peer <peer address>
set transform-set set1
match address 101

You will need to add crypto map vpn-traffic to the outside interface

access-list 101 permit ip <local network and subnet> <remote network and subnet>

if you are using the IOS firewall you will need to add into the ACL the a permission from the local subnet to the peer also. If you are not then make sure you allow the appropriate protocols through the outside access list.

Hope that helps

 

[JOAMON]

DH Group 2 for site to site VPN? Thought group 2 was for remote client VPN connections and the default group 1 for site to site was the recommended method.