Configure VPN remote access 2901 router

kscheuring1
Level 1

Hello,

I am new here and about to lose my mind trying to set up a remote access VPN. I know the 2901 router is EOL, but it does have a permanent security license in it. I am about to exhaust Google trying to figure this out. I found a video that showed how to do this, but on a different router and only in Packet Tracer. Works there, not in real life. I don't have any certifications but I do have some real world experience setting up VLANs and trunking as well as getting the router to provide internet access. Is there anyone out there willing to help a relative newbie get this configured? Any help at all would be GREATLY appreciated!

Ken



Hi MHM,

Thank you very much for your reply.  I tried following the steps in the article, putting in my IP addresses where it looked like I should.  I still cannot connect and am attaching a screenshot of the error I received.  The one part of the example where I didn't understand what to enter was the IP address for Loopback 100.  I am also attaching my running config in the hopes you can help me with this mess.

Thank you,

Ken

version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CR1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$Iwr8$ofRhNY6zETijyTXArVV72/
enable password XXXXXXX
!
aaa new-model
!
!
aaa authentication login brds1 local
aaa authorization network brds2 local
!
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
!
ip dhcp pool Office
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Customers
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Native
network 192.168.80.0 255.255.255.0
default-router 192.168.80.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Mgt
network 192.168.99.0 255.255.255.0
default-router 192.168.99.1
dns-server 8.8.8.8 9.9.9.9
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2901/K9 sn FTX144201WM
!
!
username XXXXXXX password 0 XXXXXXX
!
redundancy
!
!
!
!
!
!
!
crypto isakmp policy 10
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group brdsc1
key XXXXXXX
pool VPNPOOL
!
!
crypto ipsec transform-set set1 esp-3des esp-md5-hmac
mode tunnel
!
!
!
crypto dynamic-map map1 10
set transform-set set1
reverse-route
!
!
crypto map map1 client authentication list brds1
crypto map map1 isakmp authorization list brds2
crypto map map1 client configuration address respond
crypto map map1 10 ipsec-isakmp dynamic map1
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.80
encapsulation dot1Q 80
ip address 192.168.80.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.99
encapsulation dot1Q 99
ip address 192.168.99.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
ip address 192.168.1.202 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
crypto map map1
!
ip local pool VPNPOOL 192.168.10.203 192.168.10.220
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip nat inside source list 100 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
!
!
access-list 100 permit ip 192.168.0.0 0.0.255.255 any
!
!
!
control-plane
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password XXXXXXX
transport input none
!
scheduler allocate 20000 1000
!
end

CR1#

But the link I shared doesn't include any IPsec?
It is pure L2TP.

What I see is that you are trying to use a clientless RA VPN with IPsec; I don't think it works between Windows and the router.

MHM

You are correct, that is what I was trying to set up, and just use the Windows VPN connection to the router.  Unfortunately for me, I get an error every time I try to connect.  The video I watched that had me set things up the way I did worked great in Packet Tracer.  I could connect and ping a PC on VLAN 10.  I found a site online that had Cisco VPN Connection for download.  I downloaded that and tried to connect.  It worked.  However, I cannot ping a PC on VLAN 10.  Do you think I should rip out the other configuration and just use the configuration you sent a link to?  If I do that, what IP address should I use on the loopback interface?  That one really has me confused.  Thank you again for your help and patience.

Ken

Today, I removed all of the configuration that I had put in and just used the example configuration that was in the article, but I put in my IP addresses.  I'm still stuck about what address to give the loopback, so I gave it an address of 192.168.0.1.  I again followed the instructions on setting up a VPN connection in Windows.  When I try to connect, I get the same error that I sent a screenshot of the other day.  Do you think this is a hopeless activity, trying to get old equipment to work with new PCs?  Let me know what you think when you get a chance.

Thank you,

Ken

In Windows these must be configured:

L2TP/IPsec and no encryption.

MHM

[Attached screenshots: Screenshot (538).png, Screenshot (540).png]

That's exactly how I have it.  I also don't have Microsoft CHAP checked.  I have to be missing something, but for the life of me I don't know what.

Ken

Open the port or turn off the firewall on the Windows PC.

MHM

Well, yesterday I found an article on FirewallCx that went step by step on configuring the router to use the Cisco VPN connection.  I entered everything in their config and, using the Cisco client, I connected immediately.  I then tried to ping the VLAN 10 gateway and it worked.  I then powered on a laptop and tried pinging that, and it worked like a champ.  Tomorrow I'm going to try connecting to the laptop with TightVNC and see if I can take control of it.  Stay tuned, this thing sneaked up on me and just might be working.

Ken

Hi MHM,

Well, you were right all along.  You cannot connect without a VPN client!  Here is the link to the article I followed that got me connected.  They have the Cisco VPN Connection software on their site as well as instructions on how to make it work on Windows 10.

https://www.firewall.cx/cisco/cisco-routers/cisco-router-vpn-client.html

I am also attaching the final running config so you can see what I entered.  Kudos to you for sticking with me and helping to point me in the right direction.  I couldn't have done this without you and I thank you VERY much!

Ken

version 15.7
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CR1
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 $1$Iwr8$ofRhNY6zETijyTXArVV72/
enable password XXXXXXX
!
aaa new-model
!
!
aaa authentication login brds1 local
aaa authentication login vpn_xauth_brds2 local
aaa authentication login sslvpn local
aaa authorization network vpn_group_brds2 local
!
!
!
!
!
!
aaa session-id common
!
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.10.203 192.168.10.220
!
ip dhcp pool Office
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Customers
network 192.168.20.0 255.255.255.0
default-router 192.168.20.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Native
network 192.168.80.0 255.255.255.0
default-router 192.168.80.1
dns-server 8.8.8.8 9.9.9.9
!
ip dhcp pool Mgt
network 192.168.99.0 255.255.255.0
default-router 192.168.99.1
dns-server 8.8.8.8 9.9.9.9
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
license udi pid CISCO2901/K9 sn FTX144201WM
!
!
username XXXXXXX password 0 XXXXXXX
!
redundancy
!
!
!
!
!
!
!
crypto isakmp policy 1
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 2
encr 3des
hash md5
authentication pre-share
group 2
!
crypto isakmp client configuration group brdsc1
key XXXXXXX
dns 8.8.8.8
pool VPNPOOL
acl 120
max-users 5
crypto isakmp profile vpn-ike-profile-1
match identity group brdsc1
client authentication list vpn_xauth_brds1
isakmp authorization list vpn_group_brds2
client configuration address respond
virtual-template 2
!
!
crypto ipsec transform-set encrypt-method-1 esp-3des esp-sha-hmac
mode tunnel
!
crypto ipsec profile VPN-Profile-1
set transform-set encrypt-method-1
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.20
encapsulation dot1Q 20
ip address 192.168.20.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.80
encapsulation dot1Q 80
ip address 192.168.80.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.99
encapsulation dot1Q 99
ip address 192.168.99.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
ip address 192.168.1.202 255.255.255.0
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
no mop enabled
!
interface Virtual-Template2 type tunnel
ip unnumbered GigabitEthernet0/1
tunnel mode ipsec ipv4
tunnel protection ipsec profile VPN-Profile-1
!
ip local pool VPNPOOL 192.168.10.203 192.168.10.220
ip forward-protocol nd
!
ip http server
no ip http secure-server
!
ip nat inside source list 100 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1
!
!
!
access-list 100 permit ip 192.168.0.0 0.0.255.255 any
access-list 100 deny ip 192.168.10.0 0.0.0.255 192.168.10.0 0.0.0.255
access-list 100 permit ip 192.168.0.0 0.0.0.255 any
access-list 120 permit ip 192.168.10.0 0.0.0.255 192.168.10.0 0.0.0.255
!
!
!
control-plane
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
password XXXXXXX
transport input none
!
scheduler allocate 20000 1000
!
end

CR1#
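Two things in the final running config above are worth a second look before it is left in production: the ISAKMP profile references an XAUTH list named vpn_xauth_brds1 while the aaa lines only define brds1 and vpn_xauth_brds2, and both ISAKMP policies use 3DES, MD5 and DH group 2. The script below is an added example written for this thread (not code from the thread, firewall.cx or Cisco); it parses an IOS config excerpt and reports dangling AAA list references and weak ISAKMP policy settings. The excerpt it runs on is constructed to mirror the posted config.

```python
import re
# Constructed excerpt modelled on the thread's final config (not its own paste):
# the AAA method lists, the ISAKMP policies and the profile that uses them.
SAMPLE_CONFIG = """\
aaa authentication login brds1 local
aaa authentication login vpn_xauth_brds2 local
aaa authorization network vpn_group_brds2 local
crypto isakmp policy 1
 encr 3des
 group 2
crypto isakmp policy 2
 encr 3des
 hash md5
 group 2
crypto isakmp profile vpn-ike-profile-1
 client authentication list vpn_xauth_brds1
 isakmp authorization list vpn_group_brds2
"""
# ISAKMP policy settings that should no longer be relied on.
WEAK = {"encr": {"des", "3des"}, "hash": {"md5"}, "group": {"1", "2", "5"}}

def defined_lists(config):
    """Names created by 'aaa authentication login' / 'aaa authorization network'."""
    pat = r"^aaa (?:authentication login|authorization network) (\S+)"
    return {m.group(1) for m in re.finditer(pat, config, re.M)}

def referenced_lists(config):
    """Names used by 'client authentication list' / 'isakmp authorization list'."""
    pat = r"(?:client authentication|isakmp authorization) list (\S+)"
    return {m.group(1) for m in re.finditer(pat, config)}

def dangling_lists(config):
    """Referenced AAA lists the config never defines (e.g. a brds1/brds2 typo)."""
    return sorted(referenced_lists(config) - defined_lists(config))

def weak_policies(config):
    """Map each 'crypto isakmp policy <n>' to the weak settings it sets explicitly."""
    findings, current = {}, None
    for line in config.splitlines():
        m = re.match(r"crypto isakmp policy (\d+)", line)
        if m:
            current = m.group(1)
            findings[current] = []
        elif current is not None and line.startswith(" "):
            parts = line.split()
            if len(parts) > 1 and parts[0] in WEAK and parts[1] in WEAK[parts[0]]:
                findings[current].append(f"{parts[0]} {parts[1]}")
        else:
            current = None  # any other top-level command ends the policy block
    return {num: bad for num, bad in findings.items() if bad}
```

Both checks also match the crypto-map style (`crypto map map1 client authentication list brds1`) used in the earlier config in this thread, so the same script can be run over either paste.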

You are so welcome.
You did all the job; I only made you notice some points.

Glad your issue is finally solved.
Have a nice day.

MHM