DMVPN behind Nat and layer3 switch

Unanswered Question
Apr 19th, 2007
User Badges:

Has anyone seen this issue before,

I have several DMVPN sites all running fine. I need to setup one site behind a firewall(ASA) and segmented out on a seperate vlan(3750)

The Firewall has a routed vlan and is directly connected to the switch (vlan 99) the 1841 router (DMVPN SPOKE) is in vlan 100. Vlan 100 is a routeable vlan.

I have full connectivity to the Internet all other apps and functions are working. The dmvpn router (1841) has internet connectivity. The crypto SA's Keep expiring. No complete vpn connection. Here's the Kicker. If i place the 1841 in the same vlan as the ASA, It works fine. If i put a pix firewall in front of the 1841 router back in vlan 100 it works! If i put it back in vlan 100 with the vlan100 interface as the default gw it doesn't work!

I'm Not really sure where to start at on this issue.

Any Ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion