Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
374
Views
0
Helpful
1
Replies

Cisco Secure client to 3620 IPSec

bruce.l.williams
Level 1
Level 1

‎12-26-2001 03:15 PM - edited ‎02-21-2020 11:32 AM

I configured IPSec and ISAKMP on the 3620 using a dynamic map. I configure the pre-shared key with the following command:

"crypto isakmp key ciscocisco address 0.0.0.0"

but it would not work until I specified a specific IP address:

"crypto isakmp key ciscocisco address 192.168.1.14"

I am running IOS version 12.0 on the 3620 and Cisco Secure Client 1.1. Is this an IOS bug or did I configure something incorrectly.

Bruce Williams

mailto:bruce.lawrence.williams@verizon.com

Labels:
0 Helpful
1 Reply 1

colin-turner
Level 1
Level 1

‎12-31-2001 02:43 AM

I think that you've missed out the wildcard mask of 0.0.0.0 which tells the router that you are using dynamic addressing for the clients. Try adding an extra 0.0.0.0 to the end of your crypto isakmp key command...

Here's a section from my own...

crypto isakmp policy 1

hash md5

authentication pre-share

crypto isakmp key ****** address 0.0.0.0 0.0.0.0

crypto isakmp client configuration address-pool local vpnpool

!

!

crypto ipsec transform-set trans1 esp-des esp-md5-hmac

!

crypto dynamic-map dynmap 10

set transform-set trans1

!

!

crypto map intmap client configuration address initiate

crypto map intmap client configuration address respond

crypto map intmap 10 ipsec-isakmp dynamic dynmap

- Colin -

0 Helpful
Customers Also Viewed These Support Documents