Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1017
Views
10
Helpful
1
Replies

L2TP over IPSec Issue Cisco Router 1941/K9 ?

usmansa1
Level 1
Level 1

‎02-23-2019 06:25 PM - edited ‎02-21-2020 09:34 PM

Hi There!

 

I am configuring 2 L2TP over IPSec tunnel on my Cisco Router (1941/K9 V:15.0(1r)M15). One IPSec tunnel is used for me to access the Network through my MAC. And the other IPSec for my colleagues. There is one problem happening and I don't know the issue. IPsec for my colleague is up and working but IPSec for me is not connecting. My configurations are mentioned below. Can someone help me out because I am stuck over there for two days and I didnt find Cisco Manual for configurations ?

 

!

aaa authentication login singleaun local
aaa authentication login vpn-client local
aaa authorization network default local
aaa authorization network groupaun local


!
crypto isakmp policy 10
encr 3des
authentication pre-share
group 2
!
crypto isakmp policy 20
encr aes 256
authentication pre-share
group 2
lifetime 28800
crypto isakmp keepalive 10 periodic
!
crypto isakmp client configuration group vpnusers
key CiscoC11@17782
domain alphasupport.com.bh
pool vpn-clients
acl encrypt-to-vpn-clients
!
crypto isakmp client configuration group SingleUser
key CiscoC14@177995
pool ippool
acl 105
crypto isakmp profile vpnclients
match identity group vpnusers
client authentication list vpn-client
isakmp authorization list default
client configuration address respond
virtual-template 1
crypto isakmp profile SingleUser
match identity group SingleUser
client authentication list singleaun
isakmp authorization list groupaun
client configuration address respond
client configuration group vpnclients
virtual-template 2
!
!
crypto ipsec transform-set transform-aes256-sha esp-aes 256 esp-sha-hmac
crypto ipsec transform-set myset3 esp-3des esp-md5-hmac
!
crypto ipsec profile SingleUser
set transform-set myset3
set isakmp-profile SingleUser
!
crypto ipsec profile clientset1
set transform-set transform-aes256-sha
!
interface Virtual-Template1 type tunnel
ip unnumbered GigabitEthernet0/0
ip flow ingress
tunnel mode ipsec ipv4
tunnel protection ipsec profile clientset1
!
!
interface Virtual-Template2 type tunnel
ip unnumbered GigabitEthernet0/0
ip flow ingress
ip nat inside
ip virtual-reassembly
ip tcp adjust-mss 1280
tunnel mode ipsec ipv4
tunnel protection ipsec profile SingleUser
!
ip route 30.30.30.0 255.255.255.0 Null0
!
access-list 105 permit ip 192.168.254.0 0.0.0.255 30.30.30.0 0.0.0.255
!
ip local pool ippool 30.30.30.10 30.30.30.20
ip local pool vpn-clients 20.20.20.1 20.20.20.254

 

  Best Regards,

 

Labels:
1 Reply 1

usmansa1
Level 1
Level 1

‎02-23-2019 07:44 PM - edited ‎02-23-2019 07:45 PM

Interface Configurations are Given Below. 

 

!
interface GigabitEthernet0/1
description WAN Connection Alphasol1
ip address 37.131.54.34 255.255.255.240
ip access-group InternetOut out
ip nat outside
ip virtual-reassembly
duplex full
speed 1000
!
end

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents