Options
Cisco IOS vpn with main mode
Fatbunny
Member Posts: 44 ■■□□□□□□□□
Wondering if anyone can point me in the right direction with this as I am not skilled with vpns. I need to connect a software vpn client (shrewsoft vpn as it supports main mode) to a cisco ios router. Cisco ipsec client can only connect with main mode using with digital certificates and I don't want to venture there yet.
Everything works fine when client uses aggressive mode, when aggressive mode is disabled on the router, I cannot connect.
Basic vpn config I am using
Everything works fine when client uses aggressive mode, when aggressive mode is disabled on the router, I cannot connect.
Basic vpn config I am using
crypto isakmp policy 3 encr 3des authentication pre-share group 2 crypto isakmp key ******* address xxx.xxx.xxx.xxx no-xauth crypto isakmp key ******* address xxx.xxx.xxx.xxx no-xauth ! crypto isakmp client configuration group CMPNAME key ********* dns 8.8.4.4 domain home.com pool vpn-pool24 acl 110 ! ! crypto ipsec transform-set REF1 esp-3des esp-md5-hmac mode tunnel crypto ipsec transform-set REF2 esp-3des esp-sha-hmac mode tunnel crypto ipsec df-bit clear ! crypto ipsec profile VPN-Profile set transform-set REF1 ! ! ! crypto dynamic-map D-Map1 10 set transform-set REF2 ! ! crypto map MAP1 client authentication list userauthen crypto map MAP1 isakmp authorization list groupauthor crypto map MAP1 client configuration address respond crypto map MAP1 10 ipsec-isakmp dynamic dynmap