Phase 1 issues.. Can't see with my Eyes..

Unanswered Question
Sep 17th, 2008
User Badges:

I have been staring at this config now for the better part of the night an into this morning. I have ran all the basic debugs and my config is failing on phase 1. I have included the config on the router for the VPN clients. Can some one tell me what I am missing.


Thanks

Frank



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Istvan_Rabai Wed, 09/17/2008 - 09:44
User Badges:
  • Gold, 750 points or more

Hi Frank,


Running through your config I found one possible fault, acl 102:


I think it should be:

"access-list 102 permit ip 192.168.0.0 0.0.0.255 any" if you want the 192.168.0.0/24 network to be injected into the routing tables of vpn clients.


In addition, you should specify the netmask for the 365vpn group under the

"crypto isakmp client configuration group 365vpn"

command, as the "ip local pool" command does not specify one.

E.g: "netmask 255.255.255.240"


Cheers:

Istvan

Actions

This Discussion