HR4110 and Cisco EasyVPN

Good morning,

I am attempting to configure a Sarian HR4110 to connect to Cisco EasyVPN server.

I’ve followed the instructions on how to do this from the web site which details how it works connecting to a PIX. In my situation I’m using a IOS router (2911). I’ve also changed the destination from 0.0.0.0 to our own internal subnet of 172.16.0.0/16.

My problem is that the tunnel comes up and all seems to be well but the Sarian is not allocated an IP address from the local pool. Correction, it is allocated an IP but I no route is created to it on the Cisco device.

In addition. A device attached to the Sarian cannot access a device on the Cisco side but can access the internet.

The EasyVPN server is already servicing a number of clients and is working as expected so I’m fairly sure that it’s configured correctly.

The analyser trace is attached.

Could anyone offer any advice?

Thanks a million,

Chris

– UPDATE

The device is receiving the IP address and then discarding it. It is then using the IP address of the subnet which in my case is 192.168.254.0.

Hello.

I figured this out so I’ll post the answer in case anyone else needs it.

On the Cisco side the configuration needs to have the network mask of 255.255.255.255 otherwise the Sarian will attempt to take the entire block.

My config now is like this:

crypto isakmp client configuration group
key
dns 172.16.0.1 192.168.17.2
domain mydomain.co.uk
pool SDM_POOL_1
acl 104
save-password
split-dns mydomain.co.uk
netmask 255.255.255.255

Hope it helps someone.

Chris