Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
706
Views
0
Helpful
3
Replies

crytpo ipsec client ezvpn, "virtual-interface"

marketgraph
Level 1
Level 1

‎10-04-2006 03:39 AM - edited ‎02-21-2020 02:38 PM

Hi,

I'm working on getting a virutal tunnel interface up and running between two Cisco 2801 routers. I've found some docs about the IPsec Virtual Tunnel Interface which looks very promising but...

there are lines like this:

crypto ipsec client ezvpn CLIEN

virtual-interface 1

Every time I enter this in the console I get an error that it doesn't understand "virtual-interface" as command.

Is this something I need to enable via another command or anything? Or is it simply not possible in my IOS verion?

(I'm running: flash:c2801-advsecurityk9-mz.124-3f.bin)

Please help!

Looking online through the IOS command reference I also cannot find this as an option for the ezvpn client...

Thanks,

Sander.

Labels:
0 Helpful
3 Replies 3

smahbub
Level 6
Level 6

‎10-10-2006 09:53 AM

It looks like you are typing wrong command.

Check this link:

http://www.cisco.com/en/US/products/ps6350/products_configuration_guide_chapter09186a0080455b00.html#wp1098013

0 Helpful

marketgraph
Level 1
Level 1
In response to smahbub

‎10-11-2006 02:39 AM

If I enter that part into my router I get the following:

Enter configuration commands, one per line. End with CNTL/Z.

router(config)#crypto ipsec client ezvpn CLIENT

router(config-crypto-ezvpn)#connect manual

router(config-crypto-ezvpn)#group group1 key cisco123

router(config-crypto-ezvpn)#mode client

router(config-crypto-ezvpn)#peer 172.18.143.246

router(config-crypto-ezvpn)#virtual-interface 1

^

% Invalid input detected at '^' marker.

router(config-crypto-ezvpn)#username cisco password cisco123

router(config-crypto-ezvpn)#xauth userid mode local

router(config-crypto-ezvpn)#exit

router(config)#

So I get an error on the virutal-interface subcommand.

Any ideas?

0 Helpful

dbakula01
Level 1
Level 1
In response to marketgraph

‎10-17-2006 06:10 AM

you need to create the bvi interface first then apply the crypto command to the virtual interface and the external facing interface of the router

crypto ipsec client ezvpn

connect auto

group remote_sites key xxxxxxxxxxxxx

mode network-extension

peer

username xxxx password xxxxx

xauth userid mode local

!

!

bridge irb

bridge 1 route ip

interface BVI1

ip address

crypto ipsec client ezvpn inside

interface Vlan1

ip address

bridge-group 1

bridge-group 1 spanning-disabled

try that, it should work

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents