VPN Casa - lavoro CISCO 857w

[iptables]

ciao a tutti,
sto cercando di connettermi da casa alla VPN aziendale ma non riesco ad autenticarmi (The peer is not responding to phase 1 ISAKMP requests). considerate che lo stesso pc funziona senza problemi se provo da altre reti dialup o ADSL.
uso un 857w configurato nel seguente modo (ho tagliato le parti non importanti IMO); cosa ho sbagliato o cosa manca nella config ?


##############

hostname 857W
!
no aaa new-model
!
dot11 ssid zzzzzzz
x!
no ip dhcp use vrf connected
ip dhcp excluded-address 10.10.10.1 10.10.10.99
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.0
default-router 10.10.10.1
dns-server 8.8.8.8 8.8.4.4
!
interface ATM0
no ip address
no atm ilmi-keepalive
dsl operating-mode auto
!
interface ATM0.1 point-to-point
pvc 8/35
encapsulation aal5mux ppp dialer
dialer pool-member 1
!
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface Dot11Radio0
no ip address
x
x
!
interface Vlan1
no ip address
bridge-group 1
!
interface Dialer0
ip address negotiated
ip nat outside
ip virtual-reassembly
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
ppp authentication chap pap callin
ppp pap sent-username xxxxxxxxxx password 7 xxxxxxxxxx
!
interface BVI1
ip address 10.10.10.1 255.255.255.0
ip nat inside
ip virtual-reassembly
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip http server
ip http access-class 1
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 100 interface Dialer0 overload
ip nat inside source static tcp 10.10.10.5 25035 interface Dialer0 25035
!
logging trap errors
access-list 1 remark HTTP Access-class list
access-list 1 remark SDM_ACL Category=1
access-list 1 permit 10.10.10.0 0.0.0.255
access-list 1 deny any
access-list 100 remark SDM_ACL Category=2
access-list 100 permit ip 10.10.10.0 0.0.0.255 any
access-list 101 remark SDM_ACL Category=128
access-list 101 permit ip host 255.255.255.255 any
access-list 101 permit ip 127.0.0.0 0.255.255.255 any
access-list 102 remark SDM_ACL Category=128
access-list 102 permit ip host 255.255.255.255 any
access-list 102 permit ip 127.0.0.0 0.255.255.255 any
access-list 105 remark VTY Access-class list
access-list 105 remark SDM_ACL Category=1
access-list 105 permit ip 10.10.10.0 0.0.0.255 any
access-list 105 deny ip any any
dialer-list 1 protocol ip permit
no cdp run
!
control-plane
!
bridge 1 protocol ieee
bridge 1 route ip
xx
end

Grazie !!

[iptables]

ho provato ad aprire la porta 500 udp ma non risolve.

suggerimenti ?

[Leviatano]

uso un 857w configurato nel seguente modo (ho tagliato le parti non importanti IMO);

Ciao, mi sembra che hai tagliato un po' troppo, non vedo nulla delle policy ipsec.....
dando uno sguardo veloce hai abilitato anche il NAT, la vpn non funzionerà mai, a meno ché non configuri una policy di split tunneling tramite route map.

Lev