IPSEC VPN

R1

license boot module c2900 technology-packagesecurityk9

access-list 110 permit ip 192.168.100.0 0.0.0.255 192.168.101.128 0.0.0.255
access-list 110 permit ip 192.168.101.0 0.0.0.127 192.168.101.128 0.0.0.255

Phase 1
crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
ex
crypto isakmp key vpnpa55 address 192.168.102.90
Do wr

Phase2
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description This VPN connects to Branch-Network
set peer 192.168.102.90
set transform-set VPN-SET
match address 110
ex

int se0/2/0
crypto map VPN-MAP
exit
do wr

do sh crypto ipsec sa

R2

access-list 110 permit ip 192.168.101.128 0.0.0.255 192.168.0.0 0.0.0.255
access-list 110 permit ip 192.168.101.128 0.0.0.255 192.168.101.0 0.0.0.127

crypto isakmp policy 10
encryption aes 256
authentication pre-share
group 5
exit
crypto isakmp key vpnpa55 address 192.168.102.89
crypto ipsec transform-set VPN-SET esp-aes esp-sha-hmac
crypto map VPN-MAP 10 ipsec-isakmp
description VPN connection to HQ-Hospital
set peer 192.168.102.89
set transform-set VPN-SET
match address 110
exit
int s0/2/0
crypto map VPN-MAP
exit
do wr