This is like one of those recipe book type 1 page cheat sheets. This relies on you knowing IOS well enough to just need a jog.
So to set up an interface mode (Virtual tunnel interface in Cisco speak) vpn you need these commands:
crypto isakmp policy
crypto isakmp key
crypto ipsec transform set
crypto ipsec profile
shape average 128000
ip address maybe or ip unnumbered vlan1 to tie to vlan1
tun source outsideIP
tun destin otherend
tunnel mode ipsec ipv4
tunnel protection ipsec profile
ip route tun0 perm?
or use Ip and dynamic routing rip v2?
If you're switching from proxy style VPN then remove the crypto map unless you still have dynamic client vpns and remove the IPSec policy for the connection.
The tunnel ones are just so much nicer. No NAT hassles, easy policy QoS etc.
Also help diag commands:
sh crypto session detail
Valve, for a company that supposedly loves Linux your support is terrible. I got pointed to a community forum for support when logging this ...
This is something that caught my interest a few years ago and has been sitting in the garage churning out tiny fractions of a bitcoin regula...
We still see this one occasionally. Had one case where we needed to get a policy on but couldn't reboot the firewall. So, tried a few ...
I've seen this happen for a few reasons but had a new one today. We had a new 3750 that I'd set to DHCP on VLAN1 to plug in. I th...