Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dynamic VPN on Cisco 7609

Dear all,

I am trying to implement Dynamic VPN on a Cisco 7609 (IOS 12.2<18>SXF13) & when I connect to this router through a Cisco VPN Client, an IPSEC tunnel is established.

When I issue "sh crypto ipsec sa" encrypted & decrypted packets are not equal & Split tunneling is also not working properly. Is anyone facing similar issue on this platform as same testing is working fine on low end series routers.

Any help in this regard would be appreciable.

**************************************

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

!

crypto isakmp client configuration group TEST

key test123

pool LOCAL

acl SPLIT

crypto isakmp profile TESTPROFILE

match identity group TEST

client authentication list USERAUTH

isakmp authorization list USERAUTH

client configuration address respond

!

!

crypto ipsec transform-set CISCO esp-3des esp-sha-hmac

!

crypto dynamic-map DYNAMIC 10

set transform-set CISCO

set isakmp-profile TESTPROFILE

reverse-route

!

!

crypto map TESTVPN 10 ipsec-isakmp dynamic DYNAMIC

ip local pool LOCAL 172.16.1.1 172.16.1.254

ip access-list extended SPLIT

permit ip 172.16.0.0 0.0.255.255 any

permit ip 192.168.0.0 0.0.255.255 any

**************************************

Regards,

Akhtar

2 REPLIES
Silver

Re: Dynamic VPN on Cisco 7609

Both encrypted ( to be decrypted ) and unencrypted( to be encrypted ) packets will be sent to the VPN module . and the sum of these two is equal to the packets out figure

New Member

Re: Dynamic VPN on Cisco 7609

179
Views
0
Helpful
2
Replies
CreatePlease login to create content