01-27-2019 09:23 AM - edited 02-21-2020 09:33 PM
I am trying to create a dial up VPN on an ISR4331 (as you might see from another post I've tried PPTP with little success). I have tried L2TP/IPSEC and IPSEC trying to connect from the native VPN client in an android phone however the two ends seem incapable of finding a phase 1 policy which matches. All the attempts from the phone seem to include -CBC but that doesn't seem to be an option in the config in IOS. Am I missing something here or is it not possible to create a simple IPSEC dial up VPN to an IOS router?
01-27-2019 09:49 AM
01-28-2019 01:35 PM
Hi. I am running an ISR4331 on 15.5(3)S6.
I think I may have sorted that issue at least in that I had not correctly configured the group ID on the android device. I now get the tunnel up but get no traffic passing on it. How does the tunnel work in relation to the zone based firewall? Does it class as an outside interface? I can ping from the LAN to the phone but not from the phone to the LAN so I'm wondering if its being firewalled (even though no denys are logged.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide