Hey all, I'm having an issue that I cant figure out. I've done this config countless times and I successfully test the config. Today though I can not bring the tunnel up and the Cisco VPN Client login screen to pop up which usually confirms to me that at the very least the connection is establishing and is awaiting Phase 1.5.
This is the error message that I get: *%CRYPTO-6-IKMP_MODE_FAILURE: Processing of Aggressive mode failed with peer at 10.100.22.10* The layout is as follows: ------subnet 10.100.10.0/24------------------fa0/0.10-*R1*-fa0/0.11 (10.100.11.1)--------------*SW01*--Vlan22 (10.100.22.11)-----------------|----------------------*TEST PC*(10.100.22.10) The EZVPN Server (R1) config is: ip local pool EZVPN 20.0.0.1 20.0.0.254 ip access-list standard SPLIT-TUNNEL permit 10.100.10.0 0.0.0.255 aaa authentication login EZVPN local aaa authorization exec EZVPN local crypto isakmp policy 10 encr 3des hash md5 authentication pre-share group 2 crypto isakmp client configuration group EZVPN key CISCO pool EZVPN acl SPLIT-TUNNEL crypto isakmp profile EZVPN-ISAKMP-PROFILE match identity group EZVPN client authentication list EZVPN isakmp authorization list EZVPN client configuration address respond crypto ipsec transform-set EZVPN esp-3des esp-md5-hmac crypto dynamic-map DYNAMIC 10 set transform-set EZVPN reverse-route crypto map EZVPN 10 ipsec-isakmp dynamic DYNAMIC interface fa0/0.11 crypto map EZVPN router ospf 1 redistribute static subnets What could I be doing wrong
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
