C1841 router vpn setup issue

Unanswered Question
May 3rd, 2012
User Badges:


I have issue with setting up c1841 router for vpn access. Below config is extracted from the running-config. Please also find attahed the debug log output.

crypto isakmp client configuration group vpn-group

key 128382671

dns 200.xx.xx.xxx

domain group.com

pool vpnpool


crypto ipsec security-association lifetime seconds 180


crypto ipsec transform-set myset ah-sha-hmac esp-des esp-md5-hmac

crypto ipsec transform-set yourset ah-md5-hmac esp-3des comp-lzs


crypto dynamic-map DYNMAP 10

set transform-set myset yourset

match address 101




crypto map CLIENTMAP local-address FastEthernet0/1

crypto map CLIENTMAP client authentication list AUTHEN-LIST

crypto map CLIENTMAP isakmp authorization list AUTHEN-LIST

crypto map CLIENTMAP client configuration address respond

crypto map CLIENTMAP 10 ipsec-isakmp dynamic DYNMAP


Best Regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Mohammad Alhyari Tue, 05/08/2012 - 15:22
User Badges:
  • Cisco Employee,

Hi Mate ,

a few comments if you don't mind :

1- did you confgure an isakmp policy with  DH group 2 .

2- why you are using an access-list under the dynamic crypto map .

is it possible to attach the full config of the router ? the debugs are showing that we are not going beyond IKE first message as the router refuses the proposals offered by the client .

hope that hsi helps .


rwaqanitoga Tue, 05/08/2012 - 21:53
User Badges:

Hi Mate,

Am basically able to authenticate using cisco vpn client but does not indicate any connection.

Please find attached the running-config and the debug log...

Many Thanks,



This Discussion