Issues with my VPN client connection: Please help me.

From: Mark Anthony (mctony@ymail.com)
Date: Sat Aug 16 2008 - 09:56:18 ART

• Next message: GAURAV MADAN: "Re: Self ping in PPPoFR"
• Previous message: GARY DUNCANSON: "Re: Self ping in PPPoFR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello GS,
I have implemented an eazy VPN server connection on my users laptop for eazy
connection to the office.
 
The issue I have is that whenever I use my VPN client to connect, it doesn`t
connect, below is the output from my VPN server router, 2811; someone should
please tell me where I got it wrong, if you can simulate, please go ahead and
let me know where I got it wrong.
 
Thanks in advance.
 
 
 

Using 2619 out of 245752 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname xxxxxxxxxxxx
!
boot-start-marker
boot-end-marker
!
no logging buffered
!
aaa new-model
!
!
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization network sdm_vpn_group_ml_1 local
aaa session-id common
ip subnet-zero
!
!
 --More--  ip cef
!
!
ip ips po max-events 100
no ftp-server write-enable
!
!
!
username xxxxx password 0 xxxxxx
!
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp keepalive 20
no crypto isakmp ccm
!
crypto isakmp client configuration group default
 key 6 XXXXXX
 dns X.X.X.X X.X.X.X
 domain xxxxxxxxxxxx.com
 --More--   pool SDM_POOL_1
 acl 100
 max-users 10
 max-logins 10
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto dynamic-map SDM_DYNMAP_1 1
 set transform-set ESP-3DES-SHA
 reverse-route
!
crypto dynamic-map dmap 10
 reverse-route
!
crypto dynamic-map xxxxvpn-dymap 1
 reverse-route
!
!
!
crypto map MYCMAP 65535 ipsec-isakmp dynamic xxxvpn-dymap
!
crypto map SDM_CMAP_1 client authentication list sdm_vpn_xauth_ml_1
 --More--  crypto map SDM_CMAP_1 isakmp authorization
list sdm_vpn_group_ml_1
crypto map SDM_CMAP_1 client configuration address initiate
crypto map SDM_CMAP_1 client configuration address respond
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
crypto map smap 5 ipsec-isakmp dynamic dmap
!
!
!
interface FastEthernet0/0
 description connection to LAN
 ip address X.X.X.X 255.255.255.0
 ip nat inside
 ip virtual-reassembly
 duplex full
 speed auto
!
interface FastEthernet0/1
 description connection to internet$ETH-LAN$
 ip address X.X.X.X 255.255.255.0
 ip nat outside
 ip virtual-reassembly
 duplex full
 --More--   speed auto
 crypto map SDM_CMAP_1
!
ip local pool vpnpool 192.168.3.50 192.168.3.70
ip classless
ip route 0.0.0.0 0.0.0.0 X.X.X.X
ip http server
ip http secure-server
ip nat pool TRAVANT X.X.X.X netmask 255.255.255.0
ip nat inside source list 1 pool xxxxx overload
ip nat inside source static X.X.X.X X.X.X.X
ip nat inside source static tcp X.X.X.X 25 X.X.X.X 25 extendable
ip nat inside source static tcp X.X.X.X 80 X.X.X.X 80 extendable
ip nat inside source static tcp X.X.X.X 110 X.X.X.X 110 extendable
!
access-list 1 permit any
access-list 100 remark SDM_ACL Category=4
access-list 100 permit ip X.X.X.X 0.0.0.255 any
!
!
control-plane
!
 --More--  !
!
line con 0
 password trv
line aux 0
line vty 0 4
 password tre
 transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
xxxxxxx#

Blogs and organic groups at http://www.ccie.net

• Next message: GAURAV MADAN: "Re: Self ping in PPPoFR"
• Previous message: GARY DUNCANSON: "Re: Self ping in PPPoFR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Sep 01 2008 - 08:15:31 ART