troubleshooting Question

Cisco VPN question, see config I know I am close

Avatar of tgeddings
tgeddings asked on
1 Comment1 Solution220 ViewsLast Modified:
I have a 800 series router I am trying to setup as a vpn server. I thought I could do this and I feel like I am close but I am missing something.  I will be using the Cisco VPN client to connect to the router and would like to be able to talk to the 192.168.11.x network.
Can someone please look at this config and tell me what I am missing. Based on what I have read I am missing the "crypto map mymap" statement on the e1 but it tells me the map is empty so I am lost.
sh run
Building configuration...

Current configuration : 1946 bytes
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
hostname iksflorence
enable secret 5 $1$2eUZ$ICdgdx.0HE6cTK9faPLDm.
username mspurling password 7 01120A1D4818075E711C1A
username aclark password 7 094F42080B0E0417081E013E
aaa new-model
aaa authentication login userauthn local
aaa authorization network groupauthor local
aaa session-id common
ip subnet-zero
ip name-server

crypto isakmp policy 10
 hash md5
 authentication pre-share
crypto isakmp client configuration group iksflorence
 key $1kss1cr1t
 domain iksflorence.local
 pool ippool
 acl 103
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto dynamic-map dynamic_client 40
 set transform-set myset
crypto map mymap client authentication list userauthen
crypto map mymap isakmp authorization list groupauthor
crypto map mymap client configuration address respond
interface Ethernet0
 description MARK generated text. Please don't delete this:
 ip address
 no ip unreachables
 ip nat inside
 no ip route-cache
 no ip mroute-cache
 no cdp enable
 hold-queue 100 out
interface Ethernet1
 descripton Mark generated text. This is the public IP address given by ISP
 ip address 74.255.97.xx 255.255.255.xx
 no ip unreachables
 ip nat outside
 ip route-cache flow
 no ip mroute-cache
 no cdp enable

ip local pool ippool
ip nat inside source list 1 interface Ethernet1 overload
ip classless
ip route 74.255.97.xx
ip http server
access-list 1 permit
access-list 103 permit ip
no cdp run
radius-server authorization permit missing Service-Type
line con 0
 exec-timeout 120 0
 password 7 030D5018150A225E4B1D
 stopbits 1
line vty 0 4
 exec-timeout 120 0
 password 7 0945451A0A0014000E18
 length 0
scheduler max-task-time 5000


Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 1 Comment.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros