C1841 router vpn setup issue

Unanswered Question
May 3rd, 2012
User Badges:

Hi,


I have issue with setting up c1841 router for vpn access. Below config is extracted from the running-config. Please also find attahed the debug log output.



crypto isakmp client configuration group vpn-group

key 128382671

dns 200.xx.xx.xxx

domain group.com

pool vpnpool

!

crypto ipsec security-association lifetime seconds 180

!

crypto ipsec transform-set myset ah-sha-hmac esp-des esp-md5-hmac

crypto ipsec transform-set yourset ah-md5-hmac esp-3des comp-lzs

!

crypto dynamic-map DYNMAP 10

set transform-set myset yourset

match address 101

reverse-route

!

!

crypto map CLIENTMAP local-address FastEthernet0/1

crypto map CLIENTMAP client authentication list AUTHEN-LIST

crypto map CLIENTMAP isakmp authorization list AUTHEN-LIST

crypto map CLIENTMAP client configuration address respond

crypto map CLIENTMAP 10 ipsec-isakmp dynamic DYNMAP

!



Best Regards,

Ruveni

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Mohammad Alhyari Tue, 05/08/2012 - 15:22
User Badges:
  • Bronze, 100 points or more

Hi Mate ,

a few comments if you don't mind :

1- did you confgure an isakmp policy with  DH group 2 .

2- why you are using an access-list under the dynamic crypto map .


is it possible to attach the full config of the router ? the debugs are showing that we are not going beyond IKE first message as the router refuses the proposals offered by the client .

hope that hsi helps .

Mohammad.

rwaqanitoga Tue, 05/08/2012 - 21:53
User Badges:

Hi Mate,


Am basically able to authenticate using cisco vpn client but does not indicate any connection.

Please find attached the running-config and the debug log...




Many Thanks,

Ruveni

Actions

This Discussion