10-22-2012 03:00 AM - edited 02-21-2020 06:25 PM
Hello,
I try to get running an Easy VPN (classic config) with two router. Remote and Client.
I can see some interesting results in "sh crypto isakmp sa" and " sho cryp ipsec client ez" but "sh crypto ipsec sa" remains empty.
GNS3 is used.
I've tried now for a whole week.
Could anyone try to help me please.
Best regards to all you you.
These are my configs and a drawing.
Server routeur config R1
---------------------------------
aaa new-model
!
!
aaa authentication login userlist local
aaa authorization network EzVPN_Users-1 local
!
!
aaa session-id common
memory-size iomem 5
ip cef
!
!
!
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
password encryption aes
!
username vincent password vincent
!
crypto isakmp policy 1
encr aes 256
authentication pre-share
group 2
!
crypto isakmp client configuration group EzVPN_Users-1
key 123456789
dns 192.168.6.2
wins 192.168.6.2
domain security.com
pool EzVPN_Users-1
!
!
crypto ipsec transform-set transform esp-aes 256
!
crypto dynamic-map dynmap 1
set transform-set transform
set peer 192.168.0.1
reverse-route
!
crypto map VPN_REMOTE isakmp authorization list EzVPN_Users-1
crypto map VPN_REMOTE client configuration address respond
crypto map VPN_REMOTE 1 ipsec-isakmp dynamic dynmap
!
!
!
!
!
!
!
interface FastEthernet0/0
no shut
ip address 192.168.0.2 255.255.255.0
duplex auto
speed auto
crypto map VPN_REMOTE
!
interface FastEthernet0/1
no shut
ip address 192.168.6.3 255.255.255.0
duplex auto
speed auto
!
ip local pool EzVPN_Users-1 192.168.1.3
ip forward-protocol nd
ip route 192.168.1.0 255.255.255.0 192.168.0.1
!
!
no ip http server
------------------------------------------------------------------
Remote server R6
!
crypto ipsec client ezvpn R1
connect auto
group EzVPN_Users-1 key 123456789
mode network-extension
peer 192.168.0.2
xauth userid mode interactive
!
!
!
!
!
!
!
interface FastEthernet0/0
no shut
ip address 192.168.0.1 255.255.255.0
duplex auto
speed auto
crypto ipsec client ezvpn R1 outside
!
interface F0/1
ip address 192.168.1.1 255.255.255.0
no shut
duplex auto
speed auto
crypto ipsec client ezvpn R1 inside
02-13-2019 03:10 AM
What is the solution to the problem?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide