Cisco AnyConnect Secure Mobility Client with IKEv2

Hello guys!

Lately I configured a VPN implementation using IKEv2. The goal is to establish a VPN connection between the router and a remote client that is "AnyConnect".

Unfortunately it doesn't work and I don't really know where the problem is. If there is someone who can help me, I'll be grateful.

This is my config:

crypto pki trustpoint flexvpn-CA

enrollment selfsigned

serial-number

ip-address 10.10.10.2

subject-name cn=flex-hub.jarsfe.test.ma

revocation-check none

crypto pki certificate map CMAP 10

 

 

ip local pool AC 10.10.10.5 10.10.10.45

crypto ikev2 authorization policy AC

pool AC

crypto ikev2 proposal pro

encryption 3des aes-cbc-128

integrity sha1

group 5 2

 

crypto ikev2 policy POL

match fvrf any 

proposal PRO

 

crypto ikev2 profile PRO

match certificate CMAP

identity local dn

authentication remote rsa-sig

authentication local rsa-sig

pki trustpoint flexvpn-CA

aaa authorization group cert list default AC

virtual-template 1

no crypto ikev2 http-url cert

 

crypto ipsec transform-set TRA  esp-3des esp-sha512-hmac

 

crypto ipsec profile PRO

set transform-set TRA

set ikev2-profile PRO

 

interface virtual-template1 type tunnel

ip unnumbered f0/1

tunnel mode ipsec ipv4

tunnel protection ipsec profile PRO
