I am using 5.0 vpn client to connect to pix 501 ipsec/udp.
Cisco Systems VPN Client Version 5.0.01.0600 Copyright (C) 1998-2007 Cisco Systems, Inc. All Rights Reserved. Client Type(s): Windows, WinNT Running on: 5.1.2600 Service Pack 2
9 10:50:43.890 05/02/08 Sev=Warning/2 IKE/0xA3000067 Received an IPC message during invalid state (IKE_MAIN:507) 10 10:51:00.500 05/02/08 Sev=Warning/2 CVPND/0xE3400013 AddRoute failed to add a route: code 87 Destination 192.168.1.255 Netmask 255.255.255.255 Gateway 192.168.4.2 Interface 192.168.4.1 11 10:51:00.500 05/02/08 Sev=Warning/2 CM/0xA3100024 Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: c0a80401, Gateway: c0a80402. 12 10:51:24.890 05/02/08 Sev=Warning/2 IKE/0xA3000067 Received an IPC message during invalid state (IKE_MAIN:507)I have set up my ipsec vpn as followes. The lan subnet is 192.168.3.0. The vpn subnet is 192.168.4.0. After sucessful vpn connection, there is no route to lan machine. Where am I going wrong here? Thanks in advance,
name 192.168.3.0 LAN
access-list outside_cryptomap_dyn_20 permit ip LAN 255.255.255.0 192.168.4.0
255.255.255.0ip address inside 192.168.3.3 255.255.255.0
ip local pool ippool 192.168.4.1-192.168.4.254
nat (inside) 0 access-list outside_cryptomap_dyn_20 nat (inside) 1 0.0.0.0 0.0.0.0 0 0
crypto ipsec transform-set outside_set esp-des esp-md5-hmac crypto dynamic-map outside_dyn_map 10 set transform-set outside_set crypto map outside_map 10 ipsec-isakmp dynamic outside_dyn_map crypto map outside_map interface outside isakmp enable outside isakmp identity address isakmp nat-traversal 20 isakmp policy 10 authentication pre-share isakmp policy 10 encryption des isakmp policy 10 hash md5 isakmp policy 10 group 2 isakmp policy 10 lifetime 86400 vpngroup vpn3000 address-pool ippool vpngroup vpn3000 dns-server 192.168.3.29 vpngroup vpn3000 default-domain masmid.com vpngroup vpn3000 idle-time 1800 vpngroup vpn3000 password ********