RV082 and Cisco 3620: how to make love?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by Vitls, Oct 24, 2007.

  1. Vitls

    Vitls Guest

    Hello All, I'm trying to set up a IPSEC tunnel between RV082 and Cisco 3620.
    Cisco side config:

    crypto isakmp policy 10 hash md5 authentication pre-share
    crypto isakmp key SKIBGATE address
    crypto map vpn 10 ipsec-isakmp
     set peer
     set transform-set skibtrans match address 101
    crypto ipsec transform-set skibtrans esp-des esp-md5-hmac
     mode transport
    interface Tunnel10
     description Tunnel to Linksys
     ip unnumbered Loopback0
     ip mtu 1440
     ip nat inside
     tunnel source FastEthernet0/1
     tunnel destination
    interface FastEthernet0/1
     ip address
     crypto map vpn access-list 101
    permit gre host host

    Linsys side config:

    Mode Client-to-GAteway

    --- Local Group setup ---
    IP Only
    IP address
    Local Sec Group Type: IP
    IP address

    --- Remote Group setup ---
    Gateway Type: IP Only
    IP address
    Remote Sec Group Type: IP
    IP address

    --- IPSec setup ---
    IKE preshared
    Phase1 Group1
    Phase1 Enc DES
    Phase1 Auth MD5
    Phase1 Lifetime 28800
    PFS none
    Phase2 Enc DES
    Phase2 Auth MD5
    Phase2 lifetime 3600
    Preshared key SKIBGATE

    The connection death during Phase2.The Cisco log is below:

    Oct 3 10:40:28 48487: 4d20h: IPSEC(validate_proposal_request): proposal part #1,
    Oct 3 10:40:28 48488: (key eng. msg.) INBOUND local=, remote=,
    Oct 3 10:40:28 48489: local_proxy= (type=1),
    Oct 3 10:40:28 48490: remote_proxy= (type=1),
    Oct 3 10:40:28 48491: protocol= ESP, transform= esp-des esp-md5-hmac ,
    Oct 3 10:40:28 48492: lifedur= 0s and 0kb,
    Oct 3 10:40:28 48493: spi= 0x0(0), conn_id= 0, keysize= 0, flags= 0x14
    Oct 3 10:40:28 48494: 4d20h: IPSEC(validate_transform_proposal): proxy identities not supported
    Oct 3 10:40:29 48495: 4d20h: ISAKMP (0:450): IPSec policy invalidated proposal
    Oct 3 10:40:29 48496: 4d20h: ISAKMP (0:450): phase 2 SA not acceptable!
    1. Does RV082 IPSec with GRE?
    2. How I need to setup cisco to make OSPF routing without GRE?

    Thank you.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice