Cisco 3620 VPN not listening UDP 500 / 4500

Discussion in 'Cisco' started by Jan Baggen, Jul 29, 2005.

  1. Jan Baggen

    Jan Baggen Guest

    My Cisco 3620 IOS router is not listening on ports 500 and 4500 to set up
    the VPN connection. What could be wrong with my config?


    acc01# sh ip sockets
    Proto Remote Port Local Port In Out Stat TTY OutputIF
    17 0.0.0.0 0 xxx 67 0 0 2211 0
    17 --listen-- xxx 123 0 0 1 0
    17 --listen-- xxx 161 0 0 1 0
    17 --listen-- xxx 162 0 0 11 0
    17 --listen-- xxx 56636 0 0 1 0


    !
    version 12.3
    service timestamps debug datetime localtime
    service timestamps log datetime localtime
    service password-encryption
    !
    hostname xxx
    !
    boot-start-marker
    boot-end-marker
    !
    logging buffered 8096 debugging
    enable password xxx
    !
    username console password xxx
    clock timezone GMT 1
    clock summer-time GMT+01:00 recurring last Sun Mar 2:00 last Sun Oct 3:00
    no aaa new-model
    ip subnet-zero
    no ip source-route
    !
    !
    no ip cef
    ip domain name xxx
    ip name-server xxx
    ip name-server xxx
    !
    ip audit po max-events 100
    !
    isdn switch-type basic-net3
    !
    !
    crypto isakmp policy 3
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp policy 20
    encr 3des
    authentication pre-share
    group 2
    !
    crypto isakmp client configuration group management
    key mykey
    dns xxx
    pool vpn_pool
    acl 100
    !
    !
    crypto ipsec transform-set ip2encr esp-3des esp-md5-hmac
    !
    crypto dynamic-map dynmap 40
    set transform-set ip2encr
    !
    !
    crypto map ip2 client authentication list userauthen
    crypto map ip2 isakmp authorization list groupauthor
    crypto map ip2 client configuration address respond
    crypto map ip2 40 ipsec-isakmp dynamic dynmap
    !
    !
    !
    !
    interface FastEthernet0/0
    ip address xxx 255.255.255.192
    ip nat outside
    duplex auto
    speed auto
    no cdp enable
    crypto map ip2
    !
    interface FastEthernet0/1
    ip address 10.1.0.254 255.255.0.0
    ip nat inside
    duplex auto
    speed auto
    no cdp enable
    !
    interface BRI1/0
    no ip address
    isdn switch-type basic-net3
    no cdp enable
    !
    interface BRI1/1
    no ip address
    shutdown
    isdn switch-type basic-net3
    no cdp enable
    !
    interface BRI1/2
    no ip address
    shutdown
    isdn switch-type basic-net3
    no cdp enable
    !
    interface BRI1/3
    no ip address
    shutdown
    isdn switch-type basic-net3
    no cdp enable
    !
    interface Group-Async1
    ip address negotiated
    encapsulation ppp
    async mode interactive
    peer default ip address pool setup_pool
    ppp authentication chap pap
    group-range 1 2
    !
    ip local pool setup_pool 10.1.0.100 10.1.0.199
    ip local pool vpn_pool 10.2.0.0 10.2.0.100
    ip nat inside source route-map nonat interface FastEthernet0/0 overload
    no ip http server
    no ip http secure-server
    ip classless
    ip route 0.0.0.0 0.0.0.0 FastEthernet0/0
    !
    !
    access-list 1 permit 10.0.0.0 0.255.255.255
    access-list 100 permit ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
    access-list 101 deny ip 10.1.0.0 0.0.255.255 10.2.0.0 0.0.255.255
    access-list 101 permit ip 10.1.0.0 0.0.255.255 any
    dialer-list 1 protocol ip permit
    no cdp run
    !
    route-map nonat permit 10
    match ip address 101
    !
    !
    line con 0
    line 1 2
    login local
    modem Dialin
    autoselect during-login
    autoselect ppp
    stopbits 1
    speed 115200
    flowcontrol hardware
    line aux 0
    line vty 0 4
    password xxx
    login
    line vty 5
    password xxx
    login
    !
    end
     
    Jan Baggen, Jul 29, 2005
    #1

  2. Jan Baggen

    rave Guest

    Did you ever try to connect using the VPN clients?
    Secondly, you have used:
    But I don't see any equivalent aaa commands in the router config.
    aaa new-model

    Go to cisco.com and search for a sample config.
     
    rave, Aug 1, 2005
    #2
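
The check rave describes, as an added example that is not part of the original thread: a small Python linter that reports crypto map lines referencing AAA method lists that the configuration never defines. The `aaa ... local` definitions in `FIXED_CONFIG` are an assumed local-database form and do not come from the thread.

```python
import re

# Constructed sample: the AAA-related lines from the configuration posted above.
SAMPLE_CONFIG = """\
no aaa new-model
crypto map ip2 client authentication list userauthen
crypto map ip2 isakmp authorization list groupauthor
crypto map ip2 client configuration address respond
crypto map ip2 40 ipsec-isakmp dynamic dynmap
"""

# Assumption: method lists backed by the local user database (not from the thread).
FIXED_CONFIG = (
    "aaa new-model\n"
    "aaa authentication login userauthen local\n"
    "aaa authorization network groupauthor local\n"
    + SAMPLE_CONFIG.replace("no aaa new-model\n", "")
)

REF_RE = re.compile(
    r"^crypto map (\S+) (client authentication|isakmp authorization) list (\S+)$")
DEF_RE = re.compile(r"^aaa (authentication login|authorization network) (\S+)")
# Which kind of AAA method list each crypto map reference needs.
KIND = {"client authentication": "authentication login",
        "isakmp authorization": "authorization network"}

def check_aaa_references(config_text):
    """Return findings for crypto map AAA list references with no definition."""
    lines = [ln.strip() for ln in config_text.splitlines()]
    aaa_enabled = "aaa new-model" in lines  # "no aaa new-model" does not match
    defined, refs = set(), []
    for ln in lines:
        if m := DEF_RE.match(ln):
            defined.add((m.group(1), m.group(2)))
        if m := REF_RE.match(ln):
            refs.append((m.group(1), KIND[m.group(2)], m.group(3)))
    findings = []
    if refs and not aaa_enabled:
        findings.append("crypto maps reference AAA lists but aaa new-model is off")
    for cmap, kind, name in refs:
        if (kind, name) not in defined:
            findings.append(f"crypto map {cmap}: no 'aaa {kind} {name}' definition")
    return findings

if __name__ == "__main__":
    for finding in check_aaa_references(SAMPLE_CONFIG):
        print(finding)
```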