Hi,
I am using 837 as a VPN gateway and the remote site is using VPN client 3.6.
The users are not able to connect. They always get error " Aggressive mode failed"... anything wrong with my config ???
thanks
Building configuration...
Current configuration : 2824 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname NanoRouter
!
no logging buffered
no logging monitor
!
ip subnet-zero
ip dhcp excluded-address 192.168.1.3
!
ip inspect name myfw cuseeme timeout 3600
ip inspect name myfw ftp timeout 3600
ip inspect name myfw rcmd timeout 3600
ip inspect name myfw realaudio timeout 3600
ip inspect name myfw smtp timeout 3600
ip inspect name myfw tftp timeout 30
ip inspect name myfw udp timeout 15
ip inspect name myfw tcp timeout 3600
ip inspect name myfw h323 timeout 3600
ip audit notify log
ip audit po max-events 100
!
crypto isakmp policy 3
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group vpngroup
key cisco123
dns 192.168.1.4
wins 192.168.1.4
domain nanofilm.com.sg
pool ippool
acl 188
!
!
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!
crypto dynamic-map dynmap 10
set transform-set myset
reverse-route
!
!
crypto map clientmap client configuration address respond
crypto map clientmap 10 ipsec-isakmp dynamic dynmap
!
!
!
!
interface Ethernet0
ip address 192.168.1.1 255.255.255.0
ip nat inside
no ip mroute-cache
hold-queue 100 out
!
interface ATM0
description connection to SingNet
no ip address
ip nat outside
atm vc-per-vp 64
no atm ilmi-keepalive
dsl operating-mode auto
dsl power-cutback 0
!
interface ATM0.1 point-to-point
ip address x.x.x.x 255.255.255.252
ip access-group 111 in
ip nat outside
pvc 8/35
encapsulation aal5snap
!
crypto map clientmap
!
ip local pool ippool 172.16.0.1 172.16.0.15
ip nat inside source list 1 interface ATM0.1 overload
ip nat inside source static tcp 192.168.1.3 3389 interface ATM0.1 3389
ip nat inside source static tcp 192.168.1.3 443 interface ATM0 443
ip nat inside source static tcp 192.168.1.3 143 interface ATM0.1 143
ip nat inside source static tcp 192.168.1.3 110 interface ATM0.1 110
ip nat inside source static tcp 192.168.1.3 80 interface ATM0.1 80
ip nat inside source static tcp 192.168.1.3 25 interface ATM0.1 25
ip classless
ip route 0.0.0.0 0.0.0.0 ATM0.1
ip http server
!
!
logging trap errors
logging facility user
logging 192.168.1.156
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 188 permit ip 192.168.1.0 0.0.0.255 172.16.0.0 0.0.0.255
!
line con 0
exec-timeout 120 0
no modem enable
stopbits 1
line aux 0
stopbits 1
line vty 0 4
exec-timeout 120 0
password 7 03125219121A2040
login
length 0
!
scheduler max-task-time 5000
end
Cisco Internetwork Operating System Software
IOS (tm) C837 Software (C837-K9O3Y6-M), Version 12.2(8)YN, EARLY DEPLOYMENT RELE
ASE SOFTWARE (fc1)
Synched to technology version 12.2(11.2u)T
TAC Support: http://www.cisco.com/tac
Copyright (c) 1986-2002 by cisco Systems, Inc.
Compiled Wed 30-Oct-02 15:35 by ealyon
Image text-base: 0x800131D8, data-base: 0x8091FE68
ROM: System Bootstrap, Version 12.2(8r)YN, RELEASE SOFTWARE (fc1)
ROM: C837 Software (C837-K9O3Y6-M), Version 12.2(8)YN, EARLY DEPLOYMENT RELEASE
SOFTWARE (fc1)
NanoRouter uptime is 16 hours, 27 minutes
System returned to ROM by reload
System image file is "flash:c837-k9o3y6-mz.122-8.YN.bin"
CISCO C837 (MPC857DSL) processor (revision 0x200) with 29492K/3276K bytes of mem
ory.
Processor board ID AMB0704034H (1236450451), with hardware revision 0000
CPU rev number 7
Bridging software.
1 Ethernet/IEEE 802.3 interface(s)
1 ATM network interface(s)
128K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
2048K bytes of processor board Web flash (Read/Write)
Configuration register is 0x2102
