My question is: Are there limitations/nuances for configuring IPSec tunnels on Catalyst 6500s in software (without the VPN module).
I recently took over a management of a Catalyst 6500 and have run into a roadblock while trying to configure an IPSec tunnel. The tunnel comes up fine, I don't see any errors on either end, the SAs/IPs match, and the "interesting traffic ACLs" are incrementing as expected on both ends.
The problem is I can't ping across the tunnel. I thought this was a routing problem but the static route from the 6500 to the remote private server is in the routing table correctly.
All the configurations I've seen online are using the 6500 VPN Module. I can't believe that we would have to pay for a whole new card to set up 1 IPSec Tunnel. I think there has to be some nuance with the 6500 that I'm not aware of.
Thanks ahead of time.