[c-nsp] VPN Client with Certificate's

Andy Allison aallison at lycos.co.uk
Thu Feb 23 09:08:15 EST 2006

Hi All,
We currently terminate VPN's on a 7206 with a VAM. We are looking at
integrating this with a CA Server. We can carry out the certificate
enrollement on the router & the VPN client, however when we try to connect
it is not successful. We have created 2 crypto isakmp policy's see below.

crypto isakmp policy 10

 encr 3des

 hash md5

 authentication pre-share

 group 2


crypto isakmp policy 20

 encr 3des

 hash md5

 authentication rsa-sig

 group 2


We have also removed the key from under crypto isakmp client configuration

The OU within the certificate match's the group name.


Has any one got a sample config's or any pointer's.


Thanks in advance


More information about the cisco-nsp mailing list