Question : VPN Tunnel between draytek vigor 2700 and cisco router

Hi,
I am trying to configure an IPSec tunnel between a cisco router and a draytek vigor 2700 series router. However, they don't seem to be negotiating Phase-1 parameters. I have throughly checked my settings in vigor and cisco which seem ok to me but i'm missing something in phase-1 parameters (possibly in the vigor 2700 series) which is why its not establishing the tunnel. Given below is an output of show crypto isakmp on the Cisco router

VPN-Hub#sh crypto isakmp sa | section 165.228.142.37
165.228.142.37  203.38.180.222  MM_NO_STATE          0    0 ACTIVE

The config for cisco router vpn is given below and ive attached snapshots of the vigor...Your help will be really appreciated !
Code Snippet: 
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:

crypto isakmp policy 15
 encr aes
 hash md5
 authentication pre-share
 group 2
 
crypto isakmp key xxx address 165.228.142.37
!
crypto ipsec transform-set ho_yha_darwin esp-aes 256 esp-sha-hmac
!
 
crypto map cj_map 130 ipsec-isakmp
 set peer 165.228.142.37
 set transform-set ho_yha_darwin
 match address HO_YHA_Darwin
 
Extended IP access list HO_YHA_Darwin
    10 permit ip 10.152.0.0 0.0.0.255 10.144.18.0 0.0.0.255 (30 matches)
    20 deny gre any any
    30 deny ip any any
 
And finally applied the cj_map on Pub interface of this router
Open in New Window
Select All

Answer : VPN Tunnel between draytek vigor 2700 and cisco router

Hi,

The config seems good...
Could you show me the 'deb cry isa' and 'deb cry ip' logs?
Random Solutions  
 
programming4us programming4us