VPN Connection between RV042 and Cisco 1760

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

Hello,
I have a working cisco 1760 working as a vpn server that uses group
authentication. I am able to connect to it using the cisco vpn
client. I just purchased a linksys/cisco rv042 router hoping that it
would easily be configured to open a tunnel to the cisco 1760 router.
However I wasn't able to configure it. Was anyone able to establish
such a connection successfully?

Thanks,

Mustafa

 

[Guest]

Archived from groups: comp.dcom.vpn (More info?)

With a little help from Cisco I was able to do this.

You need to set the RV062 to use the same protocols you are using with
the cisco vpn server. Including DH group, encryption and
authentication.

I added the following to the cisco router:

crypto isakmp key <key as defined in linksys> address <linksys wan ip>

crypto isakmp profile hw_vpn
match identity address <linksys_ipaddr>

crypto ipsec transform-set hwset esp-3des esp-sha-hmac

access-list 160 permit ip <cisco_internal_net> <linksys_internal_net>

crypto map clientmap 5 ipsec-isakmp
set peer <linksys_ipaddr>
set transform-set hwset
match address 160

This established a connection to my router. I had to tweak my access
lists to stop nat from changing ip address going to linksys internal
network.

Everything works great now, the connection seems to be faster than the
connection with the software client.

 

[Guest]

I keep receiving :ISAKMP🙁0:0:N/A:0):Notify has no hash. Rejected. and Phase 1 never comes up.... Im stuck in MM_NO_STATE

Can you tell me how you setup the LInksys side and the full cisco config?

Thanks

W

Archived from groups: comp.dcom.vpn (More info?)

With a little help from Cisco I was able to do this.

You need to set the RV062 to use the same protocols you are using with
the cisco vpn server. Including DH group, encryption and
authentication.

I added the following to the cisco router:

crypto isakmp key <key as defined in linksys> address <linksys wan ip>

crypto isakmp profile hw_vpn
match identity address <linksys_ipaddr>

crypto ipsec transform-set hwset esp-3des esp-sha-hmac

access-list 160 permit ip <cisco_internal_net> <linksys_internal_net>

crypto map clientmap 5 ipsec-isakmp
set peer <linksys_ipaddr>
set transform-set hwset
match address 160

This established a connection to my router. I had to tweak my access
lists to stop nat from changing ip address going to linksys internal
network.

Everything works great now, the connection seems to be faster than the
connection with the software client.