EzVPN client doesn't automatically connect to server.

jsol · ‎11-29-2003

I've a Cisco 837 with version 12.2(15)T5 configured as EzVPN client that connects to a VPN 3030 which acts a server. The router has the "connect auto" command configured, but when you boot the router it doesn't connect, neither when you produce traffic. The only way for the router to connect is to unconfigure and reconfigure again the command "crypto ipsec client ezvpn <NAME>" under the atm0.1 subinterface. Then it connects without any problem and the connection works properly.

Does anyone know which is the cause of this problem? Does anyone know any software version which works properly in this case?

Thanks,

Jordi Solà.

nikhil_m · ‎12-08-2003

This happens many times. Not sure what is the problem though...

d-garnett · ‎12-08-2003

Your problem lies somewhere in the XAuth stage of Phase 1

in the mean time don't use XAuth, that is where you are probably getting hung up

I had the same thing happen with an 806 (remote site using DSL) and an 3005 (at our main site)

set up the Group on the Concentrator to:

CONFIGURATION | GROUPS > groupname | IPSec Tab > Authentication use "None"

make sure you limit the number of Group Connections to 1, so that you don't allow room for intruders

%snippet of a config i use%-------------

crypto ipsec client ezvpn hw-client

connect auto

group VPNGROUPName key UseAVeryStrongPasswd

mode client

peer X.X.X.X

!

interface Ethernet0 (internal interface)

ip address 192.168.1.1 255.255.255.0

no ip redirects

no ip unreachables

no cdp enable

crypto ipsec client ezvpn hw-client inside

hold-queue 32 in

hold-queue 100 out

!

interface Ethernet1 (external interface)

ip address dhcp client-id Ethernet1

ip access-group 114 in

no ip redirects

no ip unreachables

ip accounting access-violations

ip inspect INSPECT4LAN out

ip audit GUARD in

no cdp enable

crypto ipsec client ezvpn hw-client

%----------------------------------------%