1721 Router VPN config help

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Hi all

I am getting myself into Cisco VPN stuff, I have the Cisco windows client,
which as far as I can make out is pretty easy to configure, the router
config though is proving to be a bit more of a struggle, below is the config
as best I could gather from Cisco's site, can anyone see where I'm going
wrong? it doesn't seem to be blatantly obvious, not to me anyway..!!

Thanks in advance.

For obvious reasons some of the config has been omitted
----------------------------------------------------------


aaa new-model

!

!

aaa authentication login cisco local

aaa authorization network cisco local

aaa session-id common

enable secret 5 $1$/0E2$Q667leuW8jel3wn8NJ8GS/

!

username cisco password 0 cisco123

!

!

crypto isakmp policy 3

 authentication pre-share

 group 2

!

crypto isakmp client configuration group vpnclient

 key cisco123

 dns 192.168.0.4

 wins 192.168.0.4

 domain dens.home.com

 pool ippool

!

!

crypto ipsec transform-set myset esp-des esp-md5-hmac

!

!

crypto dynamic-map dynmap 10

 set transform-set myset

 reverse-route

!

!

crypto map clientmap client authentication list dennis

crypto map clientmap isakmp authorization list dennis

crypto map clientmap client configuration address respond

crypto map clientmap 10 ipsec-isakmp dynamic dynmap

!

!

!

!

interface Loopback0

 ip address 192.168.2.1 255.255.255.0

 ip nat inside

!

interface BRI0

 no ip address

 shutdown

!

interface FastEthernet0

 ip address 192.168.0.20 255.255.255.0

 ip nat inside

 speed 10

 half-duplex

!

interface Serial0

 bandwidth 10000000

 ip address 172.16.1.2 255.255.255.252

 ip nat outside

 ip policy route-map vpn-client

 no fair-queue

 clockrate 8000000

 crypto map clientmap

!

router rip

 version 2

 network 172.16.0.0

 network 192.168.0.0

 no auto-summary

!

ip local pool ippool 10.1.1.1 10.1.1.2

ip nat inside source list 101 interface Serial0 overload

!

!

access-list 101 permit ip any any

access-list 144 permit ip 10.1.1.0 0.0.0.255 any

!

route-map vpn-client permit 10

 match ip address 144

 set interface Loopback0



Site Timeline