homecomputerlab

DEFINE THE VPN POLICIES AND TRAFFIC
crypto iskamp policy 1
authentication pre-share
exit
crypto isakmp key <PRE-SHARED KEY> address <HOST WE ARE CONNECTING TO>
access-list 123 permit ip <SOURCE SUBNET> 0.0.0.255 <DESTINATION SUBNET> 0.0.0.255
crypto ipsec transform-set 3DESSHA esp-3des esp-sha-hmac
exit

CREATE THE VPN USING THE DEFINED POLICIES AND TRAFFIC ACL
crypto map CRYPTO_MAP_NAME_ABC 1 ipsec-isakmp
set transform-set 3DESSHA
set peer <IP OF HOST CONNECTING TO>
match address 123
exit

APPLY THE VPN TUNNEL TO THE DESTINATION INTERFACE
interface Dialer1
crypto map CRYPTO_MAP_NAME_ABC
end

DO NOT NAT THE TRAFFIC THAT NEEDS TO BE TUNNELLED
ip access-list extended acl_nat
deny   ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
permit ip 192.168.1.0 0.0.0.255 any

SHOW COMMANDS
show crypto isakmp sa
show crypto map