As an aside, there is a nasty nasty problem with 3700 in GNS3, it cost me a lot of hours troubleshooting and hair pulling, hopefully you don't have to do through the same experience. Keep your eyes peeled for full output queue, or move to 7200; I think this is the correct URL but the website is not responding at the moment so cannot confirm:
http://7200emu.hacki.at/viewtopic.php?t=4755 Jerome On Wed, Dec 29, 2010 at 12:28 AM, Tyson Scott <[email protected]> wrote: > I have never tested with Group 1 but you will notice that it will timeout > on attempt failures long before it will use a policy with group 1 if it is > supported. Even when running newer code with 12.4(20) or greater there is a > default policy with DH group 2 but it never gets to the point of using it > before the max attempts is reached. > > > > Regards, > > > > Tyson Scott - CCIE #13513 R&S, Security, and SP > > Managing Partner / Sr. Instructor - IPexpert, Inc. > > Mailto: [email protected] > > Telephone: +1.810.326.1444, ext. 208 > > Live Assistance, Please visit: www.ipexpert.com/chat > > eFax: +1.810.454.0130 > > > > IPexpert is a premier provider of Self-Study Workbooks, Video on Demand, > Audio Tools, Online Hardware Rental and Classroom Training for the Cisco > CCIE (R&S, Voice, Security & Service Provider) certification(s) with > training locations throughout the United States, Europe, South Asia and > Australia. Be sure to visit our online communities at > www.ipexpert.com/communities and our public website at www.ipexpert.com > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Bruno > *Sent:* Tuesday, December 28, 2010 5:50 PM > *To:* kamran shakil > *Cc:* [email protected] > *Subject:* Re: [OSL | CCIE_Security] VPN-LAB QUESTION:- > > > > I think Easy Vpn is only supposed to work using Group2 as a requirement > > > > On Tue, Dec 28, 2010 at 2:23 AM, kamran shakil <[email protected]> > wrote: > > Experience to share : (need expert inputs on this ) > > In GNS3, i was using Router 3700 with ADV SECURITY 12.4(15)T image and i > noticed that whenever i use group 2 for REMOTE ACCESS VPN , it works but it > doesnt work if my isakmp policy is using group 1 ? is it limitation or > mistake on my side! > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > > > > -- > Bruno Fagioli (by Jaunty Jackalope) > Cisco Security Professional > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
