Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
308
Views
0
Helpful
3
Replies

VPN 3000: LAN-to-LAN doesn't even start

hws_admin
Level 1
Level 1

‎05-23-2007 11:31 AM - edited ‎02-21-2020 03:04 PM

I'm using two VPN 3000 concentrators. I have followed this document very closely:

http://www.vpnc.org/InteropProfiles/cisco-3000.pdf

The LAN-to-LAN session doesn't even start. I enabled AUTH*, IKE* and IPSEC* events, levels 1 through 13, and nothing of that sort shows up in the logs at all.

It's like the concentrators don't even attempt to establish the tunnel.

What could be the cause?

Labels:
0 Helpful
3 Replies 3

acomiskey
Level 10
Level 10

‎05-23-2007 12:22 PM

Are you initiating traffic to go over the tunnel? And if so, is that traffic routed to the local vpn3000?

0 Helpful

hws_admin
Level 1
Level 1
In response to acomiskey

‎05-23-2007 04:33 PM

Yes, I am trying to ping through the tunnel. Also, static routes are fine everywhere.

The two concentrators can ping each other on the public interfaces. There's no firewall between them (that I know of).

The thing is - there is NOTHING in the VPN logs, not even an attempt to establish the tunnel.

0 Helpful

hws_admin
Level 1
Level 1
In response to hws_admin

‎05-23-2007 04:51 PM

Hm, nevermind, I started from scratch, this time not using exactly the same protocols and encryption methods indicated in the document above, and now the tunnel is up and running.

I guess now I have to poke around and see which options work and which options don't.

Thanks!

0 Helpful
Customers Also Viewed These Support Documents