VPN Client issue

Unanswered Question
Jan 6th, 2008
User Badges:


I've configured our router to allow vpn client(IPSec Type , not pptp) to access our network , with cisco vpn client , connection is made successfully and authenticates but I've got two problems with it :

1)when the client authenticates in it can't see anywhere , although I've created an access list allowing them(VPN Range) to access any.

2)with IP local pool I can't assign any gateway to the users , how is it possible to assign a gateway for the remote VPN clients.

here is the main part of my config:

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp key xxxxx address

no crypto isakmp ccm


crypto isakmp client configuration group xxxx

key xxxxx

dns x.x.x.x

domain x.com.au

pool xpool


crypto isakmp profile VPNclient

description VPN clients profile

match identity group xnet

client authentication list clientauth

isakmp authorization list groupauthor

client configuration address respond



crypto ipsec transform-set x-set esp-3des esp-sha-hmac


crypto dynamic-map dyna-x 1

set transform-set x-set

set isakmp-profile VPNclient



crypto map xMap 5 ipsec-isakmp dynamic dyna-x

ip access-list extended VPN-Client

permit ip any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ajagadee Wed, 01/09/2008 - 19:31
User Badges:
  • Cisco Employee,

Do you have any NAT configured on the router. If so, have you bypassed NAT range of IP Addresses configured for the Pool xpool.

Once the VPN Client is connected, can you capture the "Show crypto ipsec sa" and post the outputs.




This Discussion