Because of the implicit deny all, there is no need to configure a deny ip any any statement. All other traffic sourced from the LANs will not be encrypted. This interesting traffic will trigger the IPsec VPN to be implemented when there is traffic between the R1 to R3 LANs. Step 3: Identify interesting traffic on R1.Ĭonfigure ACL 110 to identify the traffic from the LAN on R1 to the LAN on R3 as interesting. Verify that the Security Technology package has been enabled by using the show version command. Save the running-config and reload the router to enable the security license.Į. R1(config)# license boot module c1900 technology-package securityk9Ĭ. If the Security Technology package has not been enabled, use the following command to enable the package. On R1, issue the show version command to view the Security Technology package license information.ī. Step 2: Enable the Security Technology package.Ī.
SSH username and password: SSHadmin / ciscosshpa55.
The routers have been pre-configured with the following: