Who is Softlayer
SoftLayer, an IBM Company, provides cloud infrastructure as a service from 13 data centers in the United States, Asia, and Europe, and a global footprint of 17 network points of presence. Our customers range from Web startups to global enterprises.
Softlayer offer IPSec VPN on private network for customer to connect their coporate network to Softlayer Cloud to manage their systems running on Softlayer Cloud.
Softlayer customer can complete Softlayer end’s IPSec configuration through Softlayer customer portal.
I will shows you the capacity of Softlayer IPSec in the series of articles by 3 user cases.
The Network Topology is:
The IPSec config on Softlayer end is as below:
From the above, you can see the IPSec config on Softlayer end is quite straightforward: Phase 1 and Phase 2 nego parameters then customer subnets and Softlayer subnets.
Next-step is the configuration on customer end:
(1) Customer end is Cisco router.
Please note it looks like that Softlayer doesn’t support the Cisco IPSec Virtual Tunnel interface.So you possibly have to use the classical “Crypto Map” method:
crypto isakmp policy 1
crypto isakmp key PassW0rd2014 address x.x.x.x (Softlayer end IPSec VPN Gateway IP)
crypto ipsec transform-set TS esp-3des esp-md5-hmac
crypto map CMAP 10 ipsec-isakmp
set peer x.x.x.x
set transform-set TS
set pfs group2
match address VPN
ip address 10.1.1.231 255.255.255.0
crypto map CMAP
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip access-list extended VPN
permit ip 192.168.109.0 0.0.0.255 10.66.24.0 0.0.0.63
#192.168.109.0/24 customer end IP range
#10.66.24.0/26 Softlayer VM IP range
#This cisco router is behind a firewall which performs the NAT function