Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem With VPN Client Config on 857W

Hy,

I arrive to establish the vpn but I can't establish the communication.

hostname A

!

logging buffered 51200 debugging

logging console critical

enable secret xxxx

!

username user password xxxx

username user1 password xxxx

clock timezone PCTime 1

clock summer-time PCTime date Mar 30 2003 2:00 Oct 26 2003 3:00

aaa new-model

!

!

aaa authentication login default local

aaa authentication login sdm_vpn_xauth_ml_1 local

aaa authorization exec default local

aaa authorization network sdm_vpn_group_ml_1 local

aaa session-id common

ip subnet-zero

no ip source-route

ip dhcp pool sdm-pool1

import all

network 192.x.x.0 255.255.255.0

default-router 192.168.0.254

dns-server 80.10.x.x.10.246.129

!

!

ip cef

ip tcp synwait-time 10

no ip bootp server

no ip domain lookup

ip domain name domain.net

ip name-server 193.x.x.3

ip ssh time-out 60

ip ssh authentication-retries 2

no ftp-server write-enable

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

!

crypto isakmp client configuration group Client-Vpn

key passw0rd

dns 193.x.x.3 194.6.128.4

pool SDM_POOL_1

max-users 5

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

!

crypto dynamic-map SDM_DYNMAP_1 1

set transform-set ESP-3DES-SHA

reverse-route

!

!

crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1

crypto map SDM_CMAP_1 isakmp authorization list sdm_vpn_group_ml_1

crypto map SDM_CMAP_1 client configuration address respond

crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1

!

interface ATM0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip route-cache flow

no atm ilmi-keepalive

dsl operating-mode auto

!

interface ATM0.1 point-to-point

description $ES_WAN$$FW_OUTSIDE$

pvc 8/35

pppoe-client dial-pool-number 1

!

!

interface FastEthernet0

no ip address

no cdp enable

!

interface Vlan1

description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$FW_INSIDE$

no ip address

ip tcp adjust-mss 1452

bridge-group 1

!

interface Dialer0

ip address negotiated

ip access-group 101 in

no ip redirects

no ip unreachables

no ip proxy-arp

ip mtu 1452

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip route-cache flow

dialer pool 1

dialer-group 1

no cdp enable

ppp authentication chap pap callin

ppp chap hostname fti

ppp chap password xxxx

ppp pap sent-username fti password xxxx

crypto map SDM_CMAP_1

!

interface BVI1

description $ES_LAN$

ip address 192.168.x.x.255.255.0

ip nat inside

ip virtual-reassembly

ip tcp adjust-mss 1452

!

ip local pool SDM_POOL_1 10.0.0.1 10.0.0.20

ip classless

ip route 0.0.0.0 0.0.0.0 Dialer0

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 5 life 86400 requests 10000

ip nat inside source list 1 interface Dialer0 overload

ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload

!

logging trap debugging

access-list 1 remark INSIDE_IF=BVI1

access-list 1 remark SDM_ACL Category=2

access-list 1 permit 192.x.x.0 0.0.0.255

access-list 101 permit ip 10.0.0.0 0.0.0.255 any

access-list 101 permit udp any any eq non500-isakmp

access-list 101 permit udp any any eq isakmp

access-list 101 permit esp any any

access-list 101 permit ip any any

access-list 102 remark SDM_ACL Category=2

access-list 102 deny ip any 10.0.0.0 0.0.0.255

access-list 102 permit ip 192.168.0.0 0.0.0.255 any

dialer-list 1 protocol ip permit

no cdp run

route-map SDM_RMAP_1 permit 1

match ip address 102

!

!

control-plane

!

bridge 1 protocol ieee

bridge 1 route ip

1 REPLY
New Member

Re: Problem With VPN Client Config on 857W

i do not see a "set peer" under your crypto map, if that is the question you are asking

88
Views
0
Helpful
1
Replies