From: Akhtar Rasool (akhtar.samo@gmail.com)
Date: Wed May 07 2008 - 02:59:26 ART
Dear all,
I am trying to implement Dynamic VPN on a Cisco 7609 (IOS 12.2<18>SXF13) &
when I connect to this router through a Cisco VPN Client, an IPSEC tunnel is
established.
When I issue "sh crypto ipsec sa" encrypted & decrypted packets are not
equal & Split tunneling is also not working properly. Is anyone facing
similar issue on this platform as same testing is working fine on low end
series routers.
Any help in this regard would be appreciable.
**************************************
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
crypto isakmp client configuration group TEST
key test12345
pool LOCAL
acl SPLIT
crypto isakmp profile TESTPROFILE
match identity group TEST
client authentication list USERAUTH
isakmp authorization list USERAUTH
client configuration address respond
!
!
crypto ipsec transform-set CISCO esp-3des esp-sha-hmac
!
crypto dynamic-map DYNAMIC 10
set transform-set CISCO
set isakmp-profile TESTPROFILE
reverse-route
!
!
crypto map TESTVPN 10 ipsec-isakmp dynamic DYNAMIC
ip local pool LOCAL 172.16.1.1 172.16.1.254
ip access-list extended SPLIT
permit ip 172.16.0.0 0.0.255.255 any
permit ip 192.168.0.0 0.0.255.255 any
**************************************
Regards,
Akhtar
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:16 ART