Looks like I didn't figure out the problem.
I had added the line
crypto isakmp key xxxxxxx address 0.0.0.0
Which allowed my phase one to complete using this key in the MS Client. Now it's not getting past phase 2.
I think my config might be a mix-up of different config methods. Not sure.
I'm trying to set up an L2TP VPN on a Cisco 2821 router and connect from the Microsoft VPN client. The problem is it's failing on phase 1 and doesn't connect.
The bug events are:
- Hash algorithm offered does not match policy!
- atts are not acceptable. next payload is 0
- no offers accepted!
-...
Thanks guys you pointed me in the right direction and I understand it much better now.
I did a little testing and set match ip address 105 in all three of my route-maps and it worked. Internal IP's responded without being nat'ed.
So, the other route maps in my NAT table allowed NAT which was...
The counters are static so I think the matches are from me moving the route-map to the inside interface temporarily. Testing anything at this point.
Thanks for the help!
EDGE-2821#sh route-map
route-map SDM_RMAP_1, permit, sequence 1
Match clauses:
Set clauses:
Policy routing matches...
Here is my current config. I'm at the point I'm trying anything I read on the internet that kind of relates.
One thing I noticed was when I remove the "ip nat outside" the VPN works perfectly.
So, the problem is definitely my route-map and nonat setup.
!
version 12.4
no service pad...
This is the latest router config.
Nat exemption on working to send traffic through the vpn tunnel. Outbound traffic is being natted out behind router external ip.
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec...
I thought I figured out the problem yesterday but now I don't think so. Turning off the Windows firewall was just a workaround for the problem.
It looks like there is still a problem.
What is happening is, when I ping an internal ip it responds to me nat'ed behind the firewall external ip...
WOW it looks like it's working!! At different times over the past week I have had this config but it didn't work.
I just turned off Windows firewall on my client and it's working. I can ping both ways.
Thank you very much for helping me work through this problem.
Thank you,
Ken
I see this in the syslog.
Information: list sdm_gigabitethernet0/0 permitted icmp 172.16.2.11 -> 192.168.80.35 (0/0), 60 packets
Seems that when I ping 172.16.2.11 the system is responding but it doesn't make it through the firewall to me.
I'm not sure I see anything wrong.
The NAT access-list confuses me because they are to define what gets NATed or not. To me they are kind of backwards to an access-list.
I tried this; still not able to ping through.
access-list 105 permit ip any 192.168.80.0 0.0.0.255 ?
Thank you for taking the time to review my config!
I have made the suggested changes. So far I still cannot ping the internal network 172.16.0.0/16.
In the end I will want the other subnets available to VPN users. 172.17, 20, & 25.0.0/16 I was focusing on 172.16.0.0 first.
I have been...
I have a client VPN set up on a 2821 router. I can connect to VPN but have no access to internal subnets. Any help would be appreciated. I have been struggling with this for days.
Current configuration : 52632 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service...