I am new to the concentrator and vpn's in general. I understand that the concentrator is based on UDP by default. Why when I configure a 1720 router with IPSEC IOS, I can create a vpn between my two networks, but when I try to use the LAN to LAN feature under "Tunneling protocols, IPSEC LAN to LAN" portion of the concentrator the tunnel will not come up? The only way I get the tunnel to come up is with the Base user configuration set to preshared key, checkbox on IPSEC and tunnel type Remote Access. If I choose LAN to LAN in base user, logout the session, the tunnel will never come back up. If I switch it back to Remote Access, initiate traffic, the tunnel comes up. I am assuming I have to set up NAT on the 1720, but thought this kind of work was eliminated with the concentrator. Can someone explain why this is?
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Cisco router to VPN Concentrator
- Thread starter kurttj
- Start date
Hi, I think this may be due to the 1720 configuration, I think it will set to pre-shared key, but the concentrator is asking for authorisation.
Check the crypto isakmp key statement on the router:
crypto isakmp key adcbef address 12.20.6.10 no-xauth
I had a problem similar to the one you described, the no-xauth fixed it.
Check the crypto isakmp key statement on the router:
crypto isakmp key adcbef address 12.20.6.10 no-xauth
I had a problem similar to the one you described, the no-xauth fixed it.
- Status