Cisco Support Community
Community Member

easy vpn problem

can anybody help i have set up a small lab at home to practice vpns ordinary

site to site and easy vpn server/client networks using network extension mode

all work fine but have hit a snag when setting up a easy vpn server/client network

using client mode,Due to the lack of any configuration examples i have set it

up using the configs below but the bottom line is that it fails to work all i get

when trying to make a connection from a computer at the client end to a server at

server end is the led's on the client firewall flicker for a few seconds but no

connection is established can some one please look at the configs below and tell me

wether or not i have it set up correctly.


Melvyn Brown

515 EASY VPN SERVER running o/s 7.04

interface ethernet0

nameif outside

ip address

speed 100

duplex full

no shut

interface ethernet1

nameif inside

ip address

speed 100

duplex full

no shut

nat (inside) 1 0 0

global (outside) 1 interface

route outside 0 0

access-list 101 permit ip

access-list 102 permit ip

nat (inside) 0 access-list 101

username cisco password password

sysopt connection permit-ipsec

crypto ipsec transform-set crypto1 esp-3des esp-md5-hmac

crypto dynamic-map dynomap 20 set transform-set crypto1

crypto map vpnpeer 20 ipsec-isakmp dynamic dynomap

crypto map vpnpeer interface outside

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash md5

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

group-policy training internal

group-policy training attributes

split-tunnel-policy tunnelspecified

split-tunnel-network-list value 102

tunnel-group training type ipsec-ra

tunnel-group training general-attributes

default-group-policy training

tunnel-group training ipsec-attributes

pre-shared-key cisco

501 EASY VPN CLIENT running os 6.3

interface ethernet0 100full

ip address outside

interface ethernet1 100full

ip address inside

nat (inside) 1 0 0

global (outside) 1 interface

route outside 0 0

dhcpd dns

dhcpd domain

dhcpd address inside

dhcpd enable inside

vpnclient server

vpnclient mode client-mode

vpnclient vpngroup training password cisco

vpnclient username cisco password password

vpnclient enable

CreatePlease to create content