Ezvpn server and ezvpn client possible on a same cisco 837

Discussion in 'Cisco' started by Tag, Oct 21, 2003.

  1. Tag

    Tag Guest

    When i configure a ezvpn client on a cisco 837 with a easy vpn server actif
    in my configuration, the vpn server fonctionality don't work. I have a IKE
    phase 1 failure, no policy match. When i remove the crypto ipsec client
    ezvpn ezclient in my configuration, the ezvpn sever work again. My cisco ios
    version is 12.3.2T1.

    Here my configuration file.

    no service pad
    service timestamps debug datetime localtime
    service timestamps log datetime localtime
    service password-encryption
    no service dhcp
    hostname hostname
    no logging buffered
    no logging monitor
    enable secret 0 secret
    enable password 0 password
    username userclient password 0 usererclient
    aaa new-model
    aaa authentication login nomadesauth local
    aaa authorization network groupauthor local
    aaa session-id common
    ip subnet-zero
    ip telnet source-interface Ethernet0
    no ip domain lookup
    crypto isakmp policy 1
    encryption 3des
    authentication pre-share
    group 2
    hash md5
    lifetime 3600
    ip inspect name PARE-FEU cuseeme timeout 3600
    ip inspect name PARE-FEU ftp timeout 3600
    ip inspect name PARE-FEU http timeout 3600
    ip inspect name PARE-FEU rcmd timeout 3600
    ip inspect name PARE-FEU realaudio timeout 3600
    ip inspect name PARE-FEU smtp timeout 3600
    ip inspect name PARE-FEU tftp timeout 30
    ip inspect name PARE-FEU udp timeout 15
    ip inspect name PARE-FEU tcp timeout 3600
    ip inspect name PARE-FEU h323 timeout 3600
    ip ssh time-out 60
    ip ssh authentication-retries 2
    ip ssh source-interface Dialer1
    ip ssh break-string
    crypto ipsec client ezvpn clientezvpn
    connect manual
    group apsimmedvpn key presharekey
    mode client
    peer y.y.y.y
    crypto isakmp client configuration group ezvpngroup
    key presharekey
    pool nomades1
    acl 122
    crypto ipsec transform-set nomades_set esp-3des esp-md5-hmac
    mode tunnel
    crypto dynamic-map dynmap 10
    set transform-set nomades_set
    crypto map nomadesmap client authentication list nomadesauth
    crypto map nomadesmap client configuration address respond
    crypto map nomadesmap isakmp authorization list groupauthor
    crypto map nomadesmap 10 ipsec-isakmp dynamic dynmap
    interface Ethernet0
    ip address
    ip nat inside
    no cdp enable
    crypto ipsec client ezvpn clientezvpn inside
    hold-queue 100 out
    interface ATM0
    no ip address
    no atm ilmi-keepalive
    pvc 2/32
    ubr 320
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
    dsl operating-mode auto
    dsl power-cutback 0
    interface Dialer1
    ip address negotiated
    ip access-group 111 in
    ip nat outside
    ip inspect PARE-FEU out
    encapsulation ppp
    dialer pool 1
    dialer-group 1
    no cdp enable
    ppp authentication chap pap callin
    ppp chap hostname X
    ppp chap password 0 X
    crypto ipsec client ezvpn clientezvpn
    crypto map nomadesmap
    ip nat inside source list 101 interface Dialer1 overload
    ip classless
    ip local pool nomades1
    ip route Dialer1
    no ip http server
    no ip http secure-server
    no logging trap

    Thank's a lot for you help.
    Tag, Oct 21, 2003
    1. Advertisements

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Suppa Lamah
  2. Christian Hewitt
    Christian Hewitt
    Apr 24, 2005
  3. Christian Hewitt
    Tony Clifton
    Apr 30, 2005
  4. Replies:
  5. Replies:

Share This Page