Re: VPN with Pix501 and VPN Client v4.6 - Not working
Thanks for the reply.
When I ran the "debug crypto isakmp" (from the PDM) the only response was "The command has been sent to PIX." I am accessing the PIX and the client remotely from 40 miles away, so I can't run a console session.
The PIX output and client output was too large, so have attached "VPN.txt" with the pertinent info.
From some recent reading, on a dynamic crypto map only the transform set should be required, as follows:
"Supporting Clients with Dynamic Addresses
Dynamic crypto maps are frequently used with Internet Key Exchange (IKE) to negotiate SAs with remote access VPN clients. Dynamic crypto maps are used to negotiate SAs for connections initiated from an external network for peers that do not have a known IP address. After successful IKE authentication, the client connection request is processed using a dynamic crypto map that is configured to set up SAs without requiring a known IP address.
A dynamic crypto map entry is essentially a crypto map entry that does not specify the identity of the remote peer. It acts as a template where the missing parameters are dynamically assigned based on the IKE negotiation. Only the transform set is required to configure a dynamic crypto map entry. "
Thanks again for your help. I'm behind the 8-ball on this one and need to have the VPN up by Monday night. I'm stressin'...
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :