04-13-2009 11:53 AM - edited 02-21-2020 04:12 PM
Hi all,
I'm trying to setup a L2TP over IPSEC vpn between a Mac OS X 10.4 host (with the Mac native vpn client) and a router running IOS (UC520).
The configuration I wrote is not working. Even if I activate some debug (ppp authentication, l2x error, l2x events, vpdn events, etc.) I don't see any type of activity when I try to bring up the vpn from the Mac host.
Please see the configuration attached.
Thank you in advance,
Kind Regards - Daniele Visaggio
04-14-2009 11:53 AM
From your configuration, I did not see where keyring "L2TP" is used. Therefore, no preshare key is configured.
If you still have issue, please turn on debug to see what happen.
04-16-2009 02:13 AM
Kwu2, thank for the prompt reply.
In order to write the configuration you read, I saw the config example located at:
If you see this config example, you will notice that even here the crypto keyring command is only "declared" but not used by anything.
Maybe the Cisco example is wrong?
Regards - Daniele
04-16-2009 07:40 AM
It could be wrong.
Here is cmd ref of "crypto keyring", it should be used by isakmp profile.
Usage Guidelines
A keyring is a repository of preshared and Rivest, Shamir, and Adelman (RSA) public keys. The keyring is used in the ISAKMP profile configuration mode. The ISAKMP profile successfully completes authentication of peers if the peer keys are defined in the keyring that is attached to this profile.
Examples
The following example shows that a keyring and its usage have been defined:
crypto keyring vpnkeys
pre-shared-key address 10.72.23.11 key vpnsecret
crypto isakmp profile vpnprofile
keyring vpnkeys
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: