I know that I'm doing something wrong. Tried to follow example in appnote
http://www.novell.com/coolsolutions/appnote/7971.html

but once I turn on the "crypto map static-map" - I can no longer ping the
router from a PC connected to the router. I'm preparing a Cisco-857 as my
first attempt to run a site-to-site vpn using BorderManager v3.9.

I'm pasting the relevant portions of the cisco config below. Would greatly
appreciate your advice.

TIA....Gregg

ip dhcp excluded-address 192.168.255.1
!
ip dhcp pool sdm-pool
import all
network 192.168.255.0 255.255.255.248
default-router 192.168.255.1
lease 0 2
!
crypto isakmp policy 1
encr 3des
authentication pre-share
lifetime 28800
crypto isakmp key xx-my-key-xx address 192.168.19.13 255.255.255.252
!
crypto ipsec transform-set vpn-wvtwp esp-3des esp-sha-hmac
!
crypto map static local-address Vlan1
crypto map static 1 ipsec-isakmp
set peer 192.168.19.13
set security-association lifetime seconds 7200
set transform-set vpn-wvtwp
match address vpn-static1
!
!
interface ATM0
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
no atm ilmi-keepalive
dsl operating-mode auto
!
interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$
ip address 192.168.19.14 255.255.255.252 secondary
ip address 192.168.255.1 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip route-cache flow
ip tcp adjust-mss 1452
crypto map static-map
!
ip route 172.16.0.0 255.255.248.0 192.168.19.13
ip route 192.168.0.0 255.255.0.0 192.168.19.13
!
ip access-list extended vpn-static1
permit ip 192.168.255.0 0.0.0.7 172.16.0.0 0.0.7.255
permit ip 192.168.255.0 0.0.0.7 192.168.0.0 0.0.255.255
!