We just got a UC520 for our small office. I am trying to set up a VPN (which is totally new for me). The VPN should be used from home on a pc with Cisco VPN client installed and should connect to the UC520 in the office and and get an ip address in the data VLAN.
I found an example config in a white paper and tried it but i keep getting the same error message when i try to connect:
001708: Feb 10 03:42:06.484: ISAKMP:(0):Support for IKE Fragmentation not enabled
001709: Feb 10 03:42:06.484: %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer at 192.168.10.23
I have attached my config. Could someone please help?
Well the log from the client shows the router does not respond, which leads me back to asking, the only static router seen on this router is one to a service engine, I know this router is getting ip address via dhcp, can you get the show ip route from the router and see if you have a default gateway?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...