cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
297
Views
0
Helpful
3
Replies

VPN 3000: LAN-to-LAN doesn't even start

hws_admin
Level 1
Level 1

I'm using two VPN 3000 concentrators. I have followed this document very closely:

http://www.vpnc.org/InteropProfiles/cisco-3000.pdf

The LAN-to-LAN session doesn't even start. I enabled AUTH*, IKE* and IPSEC* events, levels 1 through 13, and nothing of that sort shows up in the logs at all.

It's like the concentrators don't even attempt to establish the tunnel.

What could be the cause?

3 Replies 3

acomiskey
Level 10
Level 10

Are you initiating traffic to go over the tunnel? And if so, is that traffic routed to the local vpn3000?

Yes, I am trying to ping through the tunnel. Also, static routes are fine everywhere.

The two concentrators can ping each other on the public interfaces. There's no firewall between them (that I know of).

The thing is - there is NOTHING in the VPN logs, not even an attempt to establish the tunnel.

Hm, nevermind, I started from scratch, this time not using exactly the same protocols and encryption methods indicated in the document above, and now the tunnel is up and running.

I guess now I have to poke around and see which options work and which options don't.

Thanks!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: