IPsec VPN Configuration On DC Router = "dc-gw1" Next is Policy-based IPsec VPN configuration for DC router and branch routers. Interface And Route Configuration On Branch B Router = "branch-b-gw1" Interface And Route Configuration On Branch A Router = "branch-a-gw1" Interface And Route Configuration On DC Router = "dc-gw1" This simulates underlay Internet links for DC and branches. I had configured Interface IP's on DC router and branch routers and implemented default route towards Internet router.
Cisco ios xe release 3 to 16 change software#
Router IOS version used for this setup are -ĭc-gw1 = Cisco IOS Software, CSR1000V Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 15.4(2)S, RELEASE SOFTWARE (fc2)īranch-a-gw1 and branch-b-gw1 = Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 12.4(24)T, RELEASE SOFTWARE (fc1) We have to configure "inside" and "outside" NAT. Details of IP addresses and device connections are shown in the diagram.ġ) Create Policy based IPSec VPN tunnel between "dc-gw1" in DC to "branch-a-gw1" in Branch A.Ģ) Create Policy based IPSec VPN tunnel between "dc-gw1" in DC to "branch-b-gw1" in Branch B.ģ) Traffic between "app1" server to "user" in branch A will be NATed. And two branches ( a and b) connect to DC via IPSEC VPN tunnels with the Internet as an underlay. This is an imaginary setup of a company which has Data Centre (DC) with Application and Storage servers.
Cisco ios xe release 3 to 16 change series#
I am going to write series of articles on IPsec VPN configurations on IOS XE platform, this article is first of the series and provides sample configuration for policy-based VPN tunnel. This provoked me to write this series of articles. And whatever information available is not useful to configure routers. While working with Cisco routers with IOS XE, I noticed that on the Internet there is very little information about configuring VPN tunnels in IOS XE.