Phase 1 issues.. Can't see with my Eyes..

Unanswered Question
Sep 17th, 2008
User Badges:

I have been staring at this config now for the better part of the night an into this morning. I have ran all the basic debugs and my config is failing on phase 1. I have included the config on the router for the VPN clients. Can some one tell me what I am missing.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Istvan_Rabai Wed, 09/17/2008 - 09:44
User Badges:
  • Gold, 750 points or more

Hi Frank,

Running through your config I found one possible fault, acl 102:

I think it should be:

"access-list 102 permit ip any" if you want the network to be injected into the routing tables of vpn clients.

In addition, you should specify the netmask for the 365vpn group under the

"crypto isakmp client configuration group 365vpn"

command, as the "ip local pool" command does not specify one.

E.g: "netmask"




This Discussion