cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
578
Views
0
Helpful
3
Replies

VPN not getting connected.

shjengschool
Level 1
Level 1

Dear Friends,

Getting errors when connecting to a newly configured VPN Gateway.

Scenario: ADSL router forwards 500 & 4500 packets to VPN Gateway.

Please see the attached configuration txt for the IOS being used, and have also attached the debugging error.

VPN Client Used: Cisco Systems VPN Client Version 4.8.02.0010.

Would really appreciate someones help in solving this issue.

Regards.

3 Replies 3

kerek
Level 4
Level 4

Hi,

Let's try to remove the match address 110 from the crypto dynamic-map SunojDyn 1

Krisztian

Hello Krisztian,

Removed. Still the same result.

Regards,

Hi,

It seems that the negotiation was failed in phase 1 so IKE SA was not created.

I think the following: *Aug 28 05:23:35.619: ISAKMP:(0:0:N/A:0): vendor ID is XAUTH implies that the client wants extended authentication, but it is not configured on the gateway.

Let's try to add the followings:

username dummy password whatever

!

aaa authentication login userauthen local

aaa authorization network groupauthor local

!

crypto map clientmap client authentication list userauthen

crypto map clientmap isakmp authorization list groupauthor

In this case the router will do an xauth using local database so when the client prompts for username password use the dummy/whatever username password.

Anyway I don't know whether the xauth can be turned off in the client, but I know I have a very similar setup which works with 4.8.02 client.

Hope it helps,

Krisztian

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: