cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
974
Views
10
Helpful
4
Replies

Cisco VPN 2600

Justin Reeve
Level 1
Level 1

Hi,

I have a Cisco 2600 connected to a 2950. I would like to allow VPN access via ADSL to the local network via Cisco VPN client. e.g

VPN Client --> ADSL Cloud --> 2600 --> 2950

I have searched cisco.com and forum.cisco.com and can't find how to configure this. Any assistance would be much appreciated!

Regards

J

4 Replies 4

stomasko
Level 4
Level 4

Take a look at this sample config. This should help point you in the right direction.

http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a00801c4246.shtml

Steve

jackko
Level 7
Level 7

below are the sample codes:

aaa new-model

aaa authentication login vpnauthen local

aaa authorization network vpnauthor local

crypto isakmp policy 10

encr 3des

authentication pre-share

group 2

crypto isakmp client configuration group vpngroup

key xxxxxxxx

pool vpnpool

acl 130

crypto ipsec transform-set vpnset esp-3des esp-md5-hmac

crypto dynamic-map dynmap 10

set transform-set vpnset

crypto map vpnmap client authentication list vpnauthen

crypto map vpnmap isakmp authorization list vpnauthor

crypto map vpnmap client configuration address respond

crypto map vpnmap 10 ipsec-isakmp dynamic dynmap

interface Ethernet0

ip address 192.168.1.1 255.255.255.0

ip nat inside

interface Dialer0

ip address

ip nat outside

crypto map vpnmap

ip local pool vpnpool 10.1.1.1 10.1.1.10

ip nat inside source route-map nonat interface Dialer0 overload

access-list 101 deny ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

access-list 101 permit ip 192.168.1.0 0.0.0.255 any

access-list 130 permit ip 192.168.1.0 0.0.0.255 10.1.1.0 0.0.0.255

route-map nonat permit 10

match ip address 101

Hi,

Thank you very much for your response. I tried to impliment the solution that you suggested but I recived the following error message in the cisco VPN client:

Cisco Systems VPN Client Version 4.8.00.0440

Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 5.1.2600 Service Pack 2

15 18:01:26.020 01/22/06 Sev=Warning/2 IKE/0xA3000067

Received an IPC message during invalid state (IKE_MAIN:507)

16 18:01:40.011 01/22/06 Sev=Warning/3 IKE/0xE3000084

The length, 0, of the Mode Config option, INTERNAL_IPV4_NETMASK, is invalid

17 18:01:42.384 01/22/06 Sev=Warning/2 CVPND/0xE3400013

AddRoute failed to add a route: code 87

Destination 192.168.0.255

Netmask 255.255.255.255

Gateway 192.168.6.3

Interface 192.168.6.3

18 18:01:42.404 01/22/06 Sev=Warning/2 CM/0xA3100024

Unable to add route. Network: c0a800ff, Netmask: ffffffff, Interface: c0a80603, Gateway: c0a80603.

Any Ideas ?

Regards

J

the log suggests that there is a failure when adding route onto the local pc.

just wondering what the local pc subnet scheme is. verify it's not overlapping with the vpn client pool configured on the pix.