Cisco 891W - Remote Access

bibble_235 · ‎07-25-2011

Hi,

I am looking for some help on how to connect with one of these. I work for a small company and need to gain remote access.

I have been provided with

IKE Proposal
	IKE Negotiation	Main
	IKE Authentication	SHA/HMAC-160
	IKE Encryption	3DES
	IKE DH Group (1 or 2)	2
	IKE Time Lifetime	86400 seconds
IPSec Proposal
	IPSec Authentication	ESP/SHA/HMAC-160
	IPSec Encryption	3DES
	IPSec Perfect Forward Secrecy	Disabled
	IPSec SA Life time	28800
Routing		Disable
IPSec NAT-T		Disable

- PSK (Preshared Key)

- IP Address external

- Pub IP Address (Remote and local)

- Network (Remote and local)

I cannot get a connection with the cisco client or openswan or any other client. Cisco's returns 412

I have ensured UDP ports are open two.

I do not have access to the customer's router as we are a vendor. Is there anything they need to be doing to make this work.

The only thing in the client that seemed a bit strange was that you needed a groupname if you wanted a group password.

Thanks,

Iain

(Remote and local)

paolo bevilacqua · ‎07-25-2011

If cisco client doesn't work, the router is not configured correctly.

When someone gives you access to their systems using their router, it's their responsibility to give you a working cisco vpn client configuration file.

Richard Burts · ‎07-30-2011

Iain

I can not tell whether the 891W is your equipment or is the customers equipment. Perhaps you can clarify?

Some of the parameters provided look like the customer is intending site to site VPN. But if you are trying to use the Cisco (or anyone else) client then you are trying to do Remote Access VPN. These two work very differently. Perhaps you can clarify with the customer which type of VPN they intend?

HTH

Rick

Sent from Cisco Technical Support iPhone App

HTH

Rick