Layer 2 over L2TP and IPSEC

!
ip cef
!
!
pseudowire-class L2TP-L2
encapsulation l2tpv3
ip local interface FastEthernet0/0
!
!
crypto isakmp policy 10
authentication pre-share
crypto isakmp key CISCO address 2.2.2.2
!
!
crypto ipsec transform-set MY-IPSECGRE-SET esp-3des esp-sha-hmac
mode transport
!
crypto ipsec profile MY-GRE-PROFILE
set transform-set MY-IPSECGRE-SET
!
!
interface Tunnel1
ip address 1.1.1.1 255.255.255.0
ip mtu 1300
ip tcp adjust-mss 1300
tunnel source 172.16.32.1
tunnel destination 172.16.32.5
tunnel path-mtu-discovery
tunnel protection ipsec profile MY-GRE-PROFILE
!
interface FastEthernet0/0
ip address 172.16.32.1 255.255.255.252
ip mtu 1360
ip policy route-map clear-df-bit
duplex full
speed auto
!
interface FastEthernet0/1
no ip address
duplex full
speed auto
no cdp enable
xconnect 172.16.32.5 100 pw-class L2TP-L2
!
ip route 0.0.0.0 0.0.0.0 172.16.32.2
!
!
access-list 111 permit tcp any any
!
route-map clear-df-bit permit 10
match ip address 111
set ip df 0
!

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: