02-23-2019 06:25 PM - edited 02-21-2020 09:34 PM
Hi There!
I am configuring 2 L2TP over IPSec tunnel on my Cisco Router (1941/K9 V:15.0(1r)M15). One IPSec tunnel is used for me to access the Network through my MAC. And the other IPSec for my colleagues. There is one problem happening and I don't know the issue. IPsec for my colleague is up and working but IPSec for me is not connecting. My configurations are mentioned below. Can someone help me out because I am stuck over there for two days and I didnt find Cisco Manual for configurations ?
!
aaa authentication login singleaun local
aaa authentication login vpn-client local
aaa authorization network default local
aaa authorization network groupaun local
!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 20
encr aes 256
authentication pre-share
group 2
lifetime 28800
crypto isakmp keepalive 10 periodic
!
crypto isakmp client configuration group vpnusers
key CiscoC11@17782
domain alphasupport.com.bh
pool vpn-clients
acl encrypt-to-vpn-clients
!
crypto isakmp client configuration group SingleUser
key CiscoC14@177995
pool ippool
acl 105
crypto isakmp profile vpnclients
match identity group vpnusers
client authentication list vpn-client
isakmp authorization list default
client configuration address respond
virtual-template 1
crypto isakmp profile SingleUser
match identity group SingleUser
client authentication list singleaun
isakmp authorization list groupaun
client configuration address respond
client configuration group vpnclients
virtual-template 2
!
!
crypto ipsec transform-set transform-aes256-sha esp-aes 256 esp-sha-hmac
crypto ipsec transform-set myset3 esp-3des esp-md5-hmac
!
crypto ipsec profile SingleUser
set transform-set myset3
set isakmp-profile SingleUser
!
crypto ipsec profile clientset1
set transform-set transform-aes256-sha
!
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
ip flow ingress
tunnel mode ipsec ipv4
tunnel protection ipsec profile clientset1
!
!
interface Virtual-Template2 type tunnel
ip unnumbered GigabitEthernet0/0
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1280
tunnel mode ipsec ipv4
tunnel protection ipsec profile SingleUser
!
ip route 30.30.30.0 255.255.255.0 Null0
!
access-list 105 permit ip 192.168.254.0 0.0.0.255 30.30.30.0 0.0.0.255
!
ip local pool ippool 30.30.30.10 30.30.30.20
ip local pool vpn-clients 20.20.20.1 20.20.20.254
Best Regards,
02-23-2019 07:44 PM - edited 02-23-2019 07:45 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: