Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
637
Views
0
Helpful
1
Replies

Stuck creating 4000-series VPN

andrewcrab
Level 1
Level 1

‎03-11-2018 03:17 PM - edited ‎03-12-2019 05:06 AM

Hello,

 

I've done many VPN tunnels in the past, I've tried loads of things on the new 4331 (first one I've used), I've got doesn't even give anything in response to "sho cry sess" or "sho cry ips sa". Am I missing something, I've also got a "! Incomplete" in the sho run?

 

config snippet:-

 

crypto isakmp policy 10
encr aes 256
authentication pre-share
group 2
crypto isakmp key xxxxxxx address 0.0.0.0
!
!
crypto ipsec transform-set ts esp-aes 256 esp-sha-hmac
mode tunnel
!
!

!
crypto dynamic-map vpndynamic 10
! Incomplete  
set transform-set ts
match address vpn
reverse-route

crypto map dynmap 10 ipsec-isakmp dynamic vpndynamic

 

interface GigabitEthernet0/0/0
ip address 10.10.10.2 255.255.255.248
ip flow monitor FLOW-MONITOR-1 output
negotiation auto
crypto map dynmap

 

ip access-list extended vpn
permit ip 192.168.1.0 0.0.0.255 192.168.100.0 0.0.0.255

 

Labels:
0 Helpful
1 Reply 1

andrewcrab
Level 1
Level 1

‎03-11-2018 03:19 PM

Sorry missed a bit in the snipet:-

crypto map dynmap 10 ipsec-isakmp dynamic vpndynamic

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents