How to establish secure connections between departments using IPsec?

S

Scalpel71522018-12-05 18:08:23

VPN

Scalpel7152, 2018-12-05 18:08:23

There are 4 routers connected by a central router. you need to configure encryption only from all computers to all servers. routing everywhere OSPF. I started to configure ipsec using crypto map, but it turned out that only one map can be tied to a physical interface, but I need three maps per interface. where in general to dig to implement it? I'll ask you to explain in more detail, since I'm not strong in this yet, or can you recommend a manual?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Strabbo, 2018-12-05
@Strabbo

You can put my peers in the crypto map. In general, it is more convenient to do without a crypto map on the physical interface. Make a normal gre tunnel and hang tunnel protection ipsec profile on it. Thus, the crypto map itself will be automatically created

V

Vadim Choporov, 2018-12-05
@tolstyiii

Make 1 cryptomap on Router-PT for each interface looking at your office, and on end routers, 1 cryptomap per interface looking at Router-PT. Further routes all through this central router should be built, and that's all.
Correct me nerds if I'm wrong.)

V

Valentin, 2018-12-05
@vvpoloskin

Well, you draw which ipsecs between which nodes you want. And even though cryptomaps are written one per interface, they support a syntax with several entries, where you can associate ACLs with transform sets, by analogy with policymaps or access lists, through numbers.