Solved: Client VPN fails with ISAKMP errors

ndazzi.rdac · ‎08-15-2012

Hi,

situation:

cisco 878 configured to accept client vpn requests. From client prospective people get error 412 and they can't connect. Not sure what s wrong, following configuration and debug isakmp. Autentication is through a radius server.

thanks in advance.

Marcin Latosiewicz · ‎08-16-2012

In the config above - you have wrong crypto map assigned to interface.

Also, I'd suggest using VTI based setup and not crypto maps.

View solution in original post

Marcin Latosiewicz · ‎08-16-2012

In the config above - you have wrong crypto map assigned to interface.

Also, I'd suggest using VTI based setup and not crypto maps.

ndazzi.rdac · ‎08-16-2012

Hi,

thanks for the tip

I have changed

crypto map VPNTOMEL 1 ipsec-isakmp

--More-- description VPN to Perth

set peer $$$$4

set transform-set ESP-3DES-SHA

set pfs group2

match address 118

to (so it has the same name as the group vpn).

crypto map RDAPER 2 ipsec-isakmp

description VPN to Perth

set peer $$$$4

set transform-set ESP-3DES-SHA

set pfs group2

match address 118

changed the crypto map in the dialer interface to crypto map RDAPER

The IPSEC vpn went back up, but i m still getting the same errors connecting using the vpn client

any clues?

thanks

ndazzi.rdac · ‎08-16-2012

Hi,

i ve marked the answer as correct so you can get some rep back. Thanks for putting me in the right direction.

That was one problem the other problem that the crypto map was missing:

crypto map RDAPER 10 ipsec-isakmp dynamic dynmap

thanks

Nick