FRSW(config)#int s1/0
FRSW(config-if)#encapsulation frame-relay IETF
FRSW(config-if)#clock rate 2016000
FRSW(config-if)#frame-relay lmi-type cisco
FRSW(config-if)#frame-relay intf-type dce
FRSW(config-if)#frame-relay route 102 interface s1/1 201
FRSW(config-if)#no sh
FRSW(config-if)#exit
FRSW(config)#int s1/1
FRSW(config-if)#encapsulation frame-relay IETF
FRSW(config-if)#clock rate 2016000
FRSW(config-if)#frame-relay lmi-type cisco
FRSW(config-if)#frame-relay intf-type dce
FRSW(config-if)#frame-relay route 201 interface s1/0 102
FRSW(config-if)#no sh
FRSW(config-if)#exit
BJ(config-if)#ip add 10.1.1.254 255.255.255.0
BJ(config-if)#no sh
BJ(config-if)#exit
BJ(config)#int s1/0
BJ(config-if)#ip add 172.161.1.1 255.255.255.0
BJ(config-if)#encapsulation frame-relay IETF
BJ(config-if)#frame-relay map ip 172.161.1.2 102 broadcast
BJ(config-if)#no sh
BJ(config-if)#exit
BJ(config)#ip route 0.0.0.0 0.0.0.0 172.161.1.2
GZ(config-if)#ip add 10.2.2.254 255.255.255.0
GZ(config-if)#no sh
GZ(config-if)#exit
GZ(config)#int s1/1
GZ(config-if)#ip add 172.161.1.2 255.255.255.0
GZ(config-if)#encapsulation frame-relay IETF
GZ(config-if)#frame-relay map ip 172.161.1.1 201 broadcast
GZ(config-if)#no sh
GZ(config-if)#exit
GZ(config)#ip route 0.0.0.0 0.0.0.0 172.161.1.1
Sending 5, 100-byte ICMP Echos to 10.2.2.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/90/184 ms
BJ(config)#crypto isakmp policy 10
BJ(config-isakmp)#hash md5
BJ(config-isakmp)#authentication pre-share
BJ(config-isakmp)#encryption 3des
GZ(config-isakmp)#exit
BJ(config)#crypto isakmp key cisco address 172.161.1.2
BJ(config)#crypto ipsec transform-set trset esp-des esp-md5-hmac
BJ(cfg-crypto-trans)#exit
BJ(config)#access-list 101 permit ip 10.1.1.0 0.0.0.255 10.2.2.0 0.0.0.255
BJ(config)#crypto map eric86 10 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
BJ(config-crypto-map)#set peer 172.161.1.2
BJ(config-crypto-map)#set transform-set trset
BJ(config-crypto-map)#match address 101
BJ(config-crypto-map)#exit
BJ(config)#interface Serial1/0
BJ(config-if)#crypto map eric86
BJ(config-if)#
*Oct 14 23:06:25.863: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
GZ(config)#crypto isakmp policy 10
GZ(config-isakmp)#hash md5
GZ(config-isakmp)#authentication pre-share
GZ(config-isakmp)#encryption 3des
GZ(config-isakmp)#exit
GZ(config)#crypto isakmp key cisco address 172.161.1.1
GZ(config)#crypto ipsec transform-set trset esp-des esp-md5-hmac
GZ(cfg-crypto-trans)#exit
GZ(config)#access-list 101 permit ip 10.2.2.0 0.0.0.255 10.1.1.0 0.0.0.255
GZ(config)#crypto map eric86 10 ipsec-isakmp
% NOTE: This new crypto map will remain disabled until a peer
and a valid access list have been configured.
GZ(config-crypto-map)#set peer 172.161.1.1
GZ(config-crypto-map)#set transform-set trset
GZ(config-crypto-map)#match address 101
GZ(config-crypto-map)#exit
GZ(config)#interface Serial1/1
GZ(config-if)#crypto map eric86
GZ(config-if)#
*Oct 14 23:07:28.067: %CRYPTO-6-ISAKMP_ON_OFF: ISAKMP is ON
Protocol [ip]:
Target IP address: 10.2.2.254
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 10.1.1.254
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.254, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.254
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/164/240 ms