JRosario78
MIS
Hi All,
I need help configuring an IPSec VPN. This is the first time that I have tried to do this via the CLI. I've done it with the SDM, but I really would like to know how to make it work via the CLI. Below are the commands that I'm putting in, but for some reason I just can't get it to work. I keep getting MM_NO_STATE.
Can someone PLEASE help me??
config t
crypto isakmp enable
crypto isakmp policy 10
authentication pre-share
encryption 3des
group 2
hash sha
lifetime 86400
crypto isakmp keepalive 15 3
exit
config t
crypto isakmp key 0 !Pr3Sh@r3dK3y! address PEER'S_WAN_ADD
crypto ipsec transform-set 3DES-SHA esp-3des esp-sha-hmac
mode tunnel
exit
crypto ipsec security-association lifetime seconds 1800
ip access-list ext 101
permit ip 172.25.10.0 0.0.0.31 172.26.10.0 0.0.0.31
exit
crypto map SBNPVPN 10 ipsec-isakmp
match address 101
set peer PEER'S_WAN_ADD
set transform-set 3DES-SHA
set pfs group2
end
config t
int fa0/0
crypto map SBNPVPN
end
config t
ip access-list ext 102
permit udp host PEER'S_WAN_ADD any eq isakmp
permit esp host PEER'S_WAN_ADD any
end
Should I add this statement (access-list 101 permit ip host PEER'S_WAN_ADD host HQ_WAN_ADD) to ACL 101?
Thanks in advance!!!