IPSec Conflict

Hello Experts,

I m facing some issue with Ipsec tunnel, I already have one established Ipsec
vpn tunnel from my hub office to UK , and now I m trying to configure the
router as VPN hub and using Cisco agent . but some reason my uk tunnel started
dropped .. please see below the configuration please advice ..

aaa new-model
!
!
aaa authentication login userauthan local
aaa authorization network groupauthor local
!
aaa session-id common
!
!
ip cef
!
!
!
!
!
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2

crypto isakmp key xxxxxx address 194.xx.xx.xx
crypto isakmp key xxxxxx address 0.0.0.0 0.0.0.0
crypto isakmp invalid-spi-recovery
!
crypto isakmp client configuration group vpnclient
 key xxxxx
  pool ippool
 acl 108
!
!
crypto ipsec transform-set VD esp-3des esp-sha-hmac
crypto ipsec transform-set London esp-3des esp-md5-hmac
crypto ipsec transform-set myset esp-3des esp-md5-hmac
!

!
!
crypto dynamic-map dynmap 20
 set transform-set myset
!
!
crypto map VPN client authentication list userauthan
crypto map VPN isakmp authorization list groupauthor
crypto map VPN client configuration address respond
crypto map VPN 10 ipsec-isakmp
 set peer 194.xx.xx.xx
 set transform-set London
 match address acl-vpn
crypto map VPN 20 ipsec-isakmp dynamic dynmap
!
!
!

!
interface FastEthernet0/0
 ip address 178.xx.xx.xx 255.255.255.xx
 ip virtual-reassembly
 duplex auto
 speed auto
 crypto map VPN
!
interface FastEthernet0/1
 ip address 10.0.xx.xx 255.255.255.0
 ip virtual-reassembly
 duplex auto
 speed auto
!
ip local pool ippool 10.0.xx.xx 10.0.xx.xx
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 178.135.63.137

!
ip http server
no ip http secure-server
!
ip access-list extended acl-vpn
 permit ip 10.0.x.0 0.0.0.255 192.x.x.0 0.0.0.255
!
access-list 108 permit ip 10.0.x.0 0.0.0.255 10.0.x.0 0.0.0.255
!

Blogs and organic groups at http://www.ccie.net
Received on Fri Oct 01 2010 - 12:55:44 ART