From: frank wells (fwells12@xxxxxxxxxxx)
Date: Wed Aug 22 2001 - 05:32:46 GMT-3
Trying to connect some dial-up clients to a network using the Safe-Net VPN
client. I want to secure the connection between client PC and the NAS with
IPsec tunnels etc.
Here is the relevant part my config. What am I missing? I have used this
one to secure tunnels over ethernet but the dialup clients don't like
something...
The client logging output stops at the following:
RECEIVED >>ISAKMP OAK INFO *(HASH,NOTIFY:NO_PROPOSAL_CHOSEN)
crypto isakmp policy 1
hash md5
authentication pre-share
crypto isakmp key cisco address 0.0.0.0 0.0.0.0
crypto isakmp client configuration address-pool local dialup
!
!
crypto ipsec transform-set trans1 esp-des esp-md5-hmac
!
crypto dynamic-map dynmap 10
set transform-set trans1
!
!
crypto map intmap client configuration address initiate
crypto map intmap client configuration address respond
crypto map intmap 10 ipsec-isakmp dynamic dynmap
interface Serial2
crypto map intmap
ip local pool dialup 192.168.1.2 192.168.1.5
Safe-Net Client Config:
1- Myconn
My Identity = ip address
Connection security: Secure
Remote Party Identity and addressing
ID Type: IP subnet
Port all Protocol all
Connect using secure tunnel
ID Type: IP address
Pre-shared key = cisco
Authentication (Phase 1)
Proposal 1
Authentication method: pre-shared key
Encryp Alg: DES
Hash Alg: MD5
SA life: Unspecified
Key Group: DH 1
Key exchange (Phase 2)
Proposal 1
Encapsulation ESP
Encrypt Alg: DES
Hash Alg: MD5
Encap: tunnel
SA life: Unspecified
no AH
2- Other Connections
Connection security: Non-secure
Local Network Interface
Name: Any
IP Addr: Any
Port: All
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:31:55 GMT-3