Configuring a Client to Site IKEv1 IPSec VPN Tunnel on a Cisco ISR Router

Configuring a Client to Site IKEv1 IPSec VPN Tunnel on a Cisco ISR Router

This guide shows how to configure an IKEv1 client to site IPSec VPN tunnel on a Cisco ISR router.






aaa new-model

aaa authentication login IPSEC_CLIENT_USER_AUTHEN local
aaa authorization network IPSEC_CLIENT_GROUP_AUTHOR local

username USER password 0 PASSWORD

crypto isakmp policy 1
encryption 3des
authentication pre-share
group 2

ip local pool IPSEC_CLIENT_IPPOOL_GROUP1 10.3.10.5 10.3.10.50

ip access-list extended IPSEC_CLIENT_GROUP1
permit ip 10.0.0.0 0.0.255.255 10.3.10.0 0.0.0.255
permit ip 10.1.0.0 0.0.255.255 10.3.10.0 0.0.0.255

crypto isakmp client configuration group group1
key cisco1234
dns 10.0.20.13 10.1.25.5
domain domain.com
split-dns domain.com
pool IPSEC_CLIENT_IPPOOL_GROUP1
acl IPSEC_CLIENT_GROUP1

crypto ipsec transform-set TS_CLIENT esp-3des esp-md5-hmac

crypto dynamic-map DM_CLIENT 10
set transform-set TS_CLIENT

crypto map IPSEC_VPN client authentication list IPSEC_CLIENT_USER_AUTHEN
crypto map IPSEC_VPN isakmp authorization list IPSEC_CLIENT_GROUP_AUTHOR
crypto map IPSEC_VPN client configuration address respond
crypto map IPSEC_VPN 10 ipsec-isakmp dynamic DM_CLIENT

crypto ipsec df-bit clear

interface gi0/0
crypto map IPSEC_VPN


Shrew Soft IPSec VPN Client




Did you find this page helpful?

PID: 20210409-00001

 

©2025 RMTechCentral Intellectual Property. All rights reserved.
Privacy   Disclaimers   Affiliates disclosure