- Sep 6, 2013
- 4
- 0
- 0
Below is an example of the IPSec tunnel i implemeted for a customer from my company.
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
pre-shared-key XXXXXXXX
access-list Voice extended permit ip host (Company IP Range) y.y.y.y
crypto map vpn 260 match address Voice
crypto map vpn 260 set peer x.x.x.x
crypto map vpn 260 set transform-set 3DES-MD5
crypto map vpn 260 set security-association lifetime seconds 86400
I have seen in everywhere that the Customer Peer x.x.x.x and the customer subnet/host y.y.y.y are always of different sub nets? Is there any reason behind it? would there be a problem if they are of the same subnet?
tunnel-group x.x.x.x type ipsec-l2l
tunnel-group x.x.x.x ipsec-attributes
pre-shared-key XXXXXXXX
access-list Voice extended permit ip host (Company IP Range) y.y.y.y
crypto map vpn 260 match address Voice
crypto map vpn 260 set peer x.x.x.x
crypto map vpn 260 set transform-set 3DES-MD5
crypto map vpn 260 set security-association lifetime seconds 86400
I have seen in everywhere that the Customer Peer x.x.x.x and the customer subnet/host y.y.y.y are always of different sub nets? Is there any reason behind it? would there be a problem if they are of the same subnet?