cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
333
Views
0
Helpful
1
Replies

problem in ezvpn

dnagarajachary
Level 1
Level 1

I am using the configurations given in the following link

http://www.cisco.com/en/US/partner/netsol/ns110/ns170/ns171/ns27/networking_solutions_white_paper09186a008018914d.shtml

But i am not able to see the IPSec SAs in the routers.

The output of sh crypto ipsec client ezvpn has the following

CLIENT#sh crypto ipsec client ezvpn

Easy VPN Remote Phase: 2

Tunnel name : simplevpn

Inside interface list: FastEthernet0/0,

Outside interface: Serial0/1

Current State: SS_OPEN

Last Event: SOCKET_READY

Mask: 255.255.255.255

Default Domain: cisco.com

I am not finding where i am going wrong......

SERVER#sh run

Building configuration...

Current configuration : 1923 bytes

!

version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname SERVER

!

logging queue-limit 100

enable password cisco

!

username xxx password xxxx

aaa new-model

!

!

aaa authentication login loginlist local

aaa authorization network loginlist local

aaa session-id common

ip subnet-zero

!

!

!

ip audit notify log

ip audit po max-events 100

!

!

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

crypto isakmp xauth timeout 60

!

crypto isakmp client configuration group vpngroup

key vpnkey

domain cisco.com

!

!

crypto ipsec transform-set vpnset esp-3des esp-sha-hmac

!

crypto dynamic-map vpnmap 1

set transform-set vpnset

!

!

crypto map vpnmap client authentication list loginlist

crypto map vpnmap isakmp authorization list loginlist

crypto map vpnmap client configuration address respond

crypto map vpnmap 1 ipsec-isakmp dynamic vpnmap

!

!

!

!

!

!

!

!

!

!

no voice hpi capture buffer

no voice hpi capture destination

!

!

mta receive maximum-recipients 0

!

!

controller T1 2/0

framing sf

linecode ami

!

controller T1 2/1

framing sf

linecode ami

!

!

!

interface FastEthernet0/0

ip address xx.xxx.152.221 255.255.255.128

duplex auto

speed auto

crypto map vpnmap

!

interface Serial1/0

no ip address

shutdown

serial restart_delay 0

no fair-queue

!

interface Serial1/1

ip address xxx.xxx.xxx.2 255.255.255.0

serial restart_delay 0

crypto map vpnmap

!

interface Serial1/2

no ip address

shutdown

serial restart_delay 0

!

interface Serial1/3

no ip address

shutdown

serial restart_delay 0

!

interface FastEthernet2/0

no ip address

shutdown

duplex auto

speed auto

!

ip http server

no ip http secure-server

ip classless

!

!

!

!

!

radius-server authorization permit missing Service-Type

call rsvp-sync

!

!

mgcp profile default

!

!

!

dial-peer cor custom

!

!

!

!

!

line con 0

line aux 0

line vty 0 4

!

!

end

sh run

Building configuration...

Current configuration : 980 bytes

!

version 12.2

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname CLIENT

!

logging queue-limit 100

enable password cisco

!

username cisco password 0 cisco

ip subnet-zero

!

!

!

!

ip audit notify log

ip audit po max-events 100

no ftp-server write-enable

!

!

!

!

!

!

!

!

!

crypto ipsec client ezvpn simplevpn

connect auto

group vpngroup key 0 vpnkey

mode client

peer 100.100.100.2

!

!

!

!

interface FastEthernet0/0

ip address xx.xx.20.1 255.255.255.0

speed auto

crypto ipsec client ezvpn simplevpn inside

!

interface Serial0/0

no ip address

shutdown

no fair-queue

!

interface Serial0/1

ip address xxx.xxx.xxx.1 255.255.255.0

clockrate 64000

crypto ipsec client ezvpn simplevpn

!

interface ATM1/0

no ip address

shutdown

no atm ilmi-keepalive

dsl operating-mode auto

!

ip classless

no ip http server

no ip http secure-server

!

!

!

!

line con 0

line aux 0

line vty 0 4

!

no scheduler allocate

!

end

-Deepu

1 Reply 1