VPN 3000: LAN-to-LAN doesn't even start

Unanswered Question
May 23rd, 2007

I'm using two VPN 3000 concentrators. I have followed this document very closely:

http://www.vpnc.org/InteropProfiles/cisco-3000.pdf

The LAN-to-LAN session doesn't even start. I enabled AUTH*, IKE* and IPSEC* events, levels 1 through 13, and nothing of that sort shows up in the logs at all.

It's like the concentrators don't even attempt to establish the tunnel.

What could be the cause?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Wed, 05/23/2007 - 12:22

Are you initiating traffic to go over the tunnel? And if so, is that traffic routed to the local vpn3000?

hws_admin Wed, 05/23/2007 - 16:33

Yes, I am trying to ping through the tunnel. Also, static routes are fine everywhere.

The two concentrators can ping each other on the public interfaces. There's no firewall between them (that I know of).

The thing is - there is NOTHING in the VPN logs, not even an attempt to establish the tunnel.

hws_admin Wed, 05/23/2007 - 16:51

Hm, nevermind, I started from scratch, this time not using exactly the same protocols and encryption methods indicated in the document above, and now the tunnel is up and running.

I guess now I have to poke around and see which options work and which options don't.

Thanks!

Actions

This Discussion