IPsec Dynamic Point to Point Issue
Corndork2
Member Posts: 266
in CCNA & CCENT
All -
I seem to be having a problem with my Point to Point IPsec setup. I am trying to set up my router to be the IPsec connection point for dynamic IPsec point to point tunnels. This is on a Cisco 1841 IOS: c1841-adventerprisek9-mz.151-4.M6.bin
Config:
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 86400
!
crypto isakmp key **** address 0.0.0.0 0.0.0.0
!
ip access-list extended IPSEC-TRAF
permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
!
crypto ipsec transform-set TS esp-3des esp-md5-hmac
!
crypto map VPN 1 ipsec-isakmp dynamic hq-vpn
!
crypto dynamic-map hq-vpn 10
set security-association lifetime seconds 86400
set transform-set TS
match address IPSEC-TRAF
!
interface FastEthernet0/0
crypto map hq-vpn
Error Seen:
Core-RTR(config-if)# crypto map hq-vpn
ERROR: Crypto Map with tag "hq-vpn" does not exist.
Note: **** is not my key. It has been removed for security reasons.
I would very much appreicate any help and suggestions.
I seem to be having a problem with my Point to Point IPsec setup. I am trying to set up my router to be the IPsec connection point for dynamic IPsec point to point tunnels. This is on a Cisco 1841 IOS: c1841-adventerprisek9-mz.151-4.M6.bin
Config:
crypto isakmp policy 1
encr 3des
hash md5
authentication pre-share
group 2
lifetime 86400
!
crypto isakmp key **** address 0.0.0.0 0.0.0.0
!
ip access-list extended IPSEC-TRAF
permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
!
crypto ipsec transform-set TS esp-3des esp-md5-hmac
!
crypto map VPN 1 ipsec-isakmp dynamic hq-vpn
!
crypto dynamic-map hq-vpn 10
set security-association lifetime seconds 86400
set transform-set TS
match address IPSEC-TRAF
!
interface FastEthernet0/0
crypto map hq-vpn
Error Seen:
Core-RTR(config-if)# crypto map hq-vpn
ERROR: Crypto Map with tag "hq-vpn" does not exist.
Note: **** is not my key. It has been removed for security reasons.
I would very much appreicate any help and suggestions.
Brocade: BAIS, BACNS, BAEFS Cisco: CCENT, CCNA R&S CWNP: CWTS Juniper: JNCIA-JUNOS
CompTIA: A+ (2009), Network+ (2009), A+ CE, Network+ CE, Security+ CE, CDIA+
Mikrotik: MTCNA, MTCRE, MTCWE, MTCTCE VMware: VCA-DV Rackspace: CloudU
CompTIA: A+ (2009), Network+ (2009), A+ CE, Network+ CE, Security+ CE, CDIA+
Mikrotik: MTCNA, MTCRE, MTCWE, MTCTCE VMware: VCA-DV Rackspace: CloudU
Comments
-
networker050184
Mod Posts: 11,962 Mod
Your crypto map is called VPN not hq-vpn which is why you get the does not exist error.An expert is a man who has made all the mistakes which can be made. -
boredgamelad
Member Posts: 365 ■■■■□□□□□□
I think you need to change "crypto map hq-vpn" to "crypto map VPN". -
Corndork2
Member Posts: 266
Ah! That did it! Thanks everyone!Brocade: BAIS, BACNS, BAEFS Cisco: CCENT, CCNA R&S CWNP: CWTS Juniper: JNCIA-JUNOS
CompTIA: A+ (2009), Network+ (2009), A+ CE, Network+ CE, Security+ CE, CDIA+
Mikrotik: MTCNA, MTCRE, MTCWE, MTCTCE VMware: VCA-DV Rackspace: CloudU