06-14-2011 12:34 AM
Dear Sir,
I have cisco router 837 in the main office for a company and it's working as VPN server, the branches access to the main office using cisco VPN client application (based on windows).
We want to connect a branch using cisco router 837 (Easy VPN remote) instead of cisco VPN client application because this branch has 6 PC so we need the cisco 837 to aggregate them then connect them to the main office.
We are using dynamic DNS in the main office.
Is it possible to make a configuration in the main router for both cisco VPN client application which working in the samll branches and in the same time for Easy VPN remote (router 837) ? the network will be as the attached image.
Regards
Solved! Go to Solution.
06-16-2011 05:28 PM
Hello Hussein,
You won't be modifying the configuration on your Main router but on your Remote 837 instead.
You'll be configuring your remote router as an EzVPN remote user, please take a look at this example.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080808395.shtml
HTH
__ __
Pablo
07-04-2011 11:40 PM
Hi,
You must need to configure user and password in the server and the same need to configure at client end.
Please see the below link for clear easy vpn configuration:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ftunity.html#wp1048865
HTH
Please click on the correct answer if this answered your question.
Regards,
06-16-2011 05:28 PM
Hello Hussein,
You won't be modifying the configuration on your Main router but on your Remote 837 instead.
You'll be configuring your remote router as an EzVPN remote user, please take a look at this example.
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a0080808395.shtml
HTH
__ __
Pablo
06-25-2011 03:18 AM
Thanks Pablo,
I did the configuration as mentioned in cisco website but from the debug the router asked me for Xauth username and password so what does he mean?
1- Does he mean we should create username and password in the main router (EZVPN Server) or he needs the username and password which we put for telnet purpose in the main router?
2- I entered the following command but he did't ask me for username and password !!:
837W#crypto ipsec client ezvpn xauth
I read in some discussins that problem is IOS bugs and I should replace the IOS so I have the attached IOSs what kind is supposed to work goods?
Regards
07-04-2011 11:40 PM
Hi,
You must need to configure user and password in the server and the same need to configure at client end.
Please see the below link for clear easy vpn configuration:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ftunity.html#wp1048865
HTH
Please click on the correct answer if this answered your question.
Regards,
07-05-2011 09:48 AM
I already solve the problem.
The problrm was that I was enterning the command in the configuration mode while I should write it after the globle mode.
The problem now that tunnel is ok (up) but there is no ping between the internal LANs ( networks behind the VPN server and Remote VPN router).
Regards
07-06-2011 12:28 AM
Hi,
Yeah... I have also faced the same problem (tunnel is up but no traffic pass on)
Make sure the NAT part and accesslist part at client end and Server end is ok. It must be like below which I have at one of my easy vpn client ASA.
access-list inside_access_in extended permit ip any any
access-list inside_access_out extended permit udp any host 10.28.0.0 object-group DM_INLINE_UDP_2
global (outside) 1 interface
nat (inside) 1 10.50.50.0 255.255.255.0
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
HTH
Please click on the correct answer if this answered your question.
Regards,
Naidu.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide