07-09-2020 04:59 PM
Hello everybody
I made a VPN ikv2 but does not up phase 1, I think a Conver all but no work.
I was talking to my networking friends and the only different in them configuration and mine its this
My Config
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless ( no ikev2 )
configuration of my networking friends
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 ( yes ikv2)
someone has something like this, please your help
----------------------------------------------------------------------------------
A let my configuration
crypto ipsec ikev2 ipsec-proposal ABCD
protocol esp encryption aes-256
protocol esp integrity sha-384
crypto ikev2 policy 50
encryption aes-256
integrity sha
group 19
prf sha384
lifetime seconds 28800
crypto map VPN-SITE-TO-SITE 15 match address ABCD_acl
crypto map VPN-SITE-TO-SITE 15 set pfs group19
crypto map VPN-SITE-TO-SITE 15 set peerX.X.X.X
crypto map VPN-SITE-TO-SITE 15 set ikev2 ipsec-proposal ABCD
crypto map VPN-SITE-TO-SITE 15 set security-association lifetime seconds 3600
crypto ikev2 enable OUTSIDE
tunnel-group ABCD type ipsec-l2l
tunnel-group ABCD ipsec-attributes
ikev2 remote-authentication pre-shared-key *****
ikev2 local-authentication pre-shared-key *****
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-clientless
07-09-2020 10:27 PM
Hi,
Yes, you need to define IKEv2 under the group-policy DfltGrpPolicy as your networking friends have.
07-10-2020 06:45 AM
thaks I gonna try and let you know how was
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide