Solved: Cisco VPN Client RA IKEv1

JohnTylerPearce · ‎06-19-2012

Hey, I'm setting up a IKEv2 RA VPN, with the regular Cisco VPN Client (Yellow Lock).

Form what I can tell, I'm doing a Group Authentication. For the Group Name, I'm using the name of

my connection profile for the RA VPN, and the password is my pre-shared-key for this RA VPN.

When I hit connect, nothing happens. I tried doing a 'debug crypto ipsec' but that doesn't show a thing.

I looked on the log, and I can't even see anything trying to connect to the RA VPN, when I'm testing it.

Does anyone have any ideas by any chance?

Jennifer Halim · ‎06-19-2012

IKEv2 is not supported on Cisco VPN Client.

IKEv2 is only supported on AnyConnect client and IPSec LAN-to-LAN.

To use Cisco VPN Client, you would need to configure IKEv1.

View solution in original post

JohnTylerPearce · ‎06-19-2012

I think it may be a firewall problem. I can ping the outside IP, and see it when I run a capture from any souce with IP traffic, going to the outside interface, but if I try to create an RA IPse connection, I don't see any traffic whatever hitting it.

JohnTylerPearce · ‎06-19-2012

From doing some research, I found that a firewall was blocking IPSec traffic. For testing purposes, I put it on our local LAN to rule out any firewall, and I was able to capture IPsec packets. I did not however, see any type of connectivity with this IPsec Ike v1 RA VPN. I'm doing authentication through AD, but I you would think that it should at least get me to the point where I can enter a login/pass.

Jennifer Halim · ‎06-19-2012

IKEv2 is not supported on Cisco VPN Client.

IKEv2 is only supported on AnyConnect client and IPSec LAN-to-LAN.

To use Cisco VPN Client, you would need to configure IKEv1.