11-05-2007 02:13 AM - edited 02-21-2020 03:21 PM
I have set up a site-to-site VPN and during testing I am trying to telnet to a device at the other end of the VPN tunnel on port 80 to simulate web access. The tunnel initiates but no traffic is passed and the telnet times out. Once the tunnel is set up and I try again straight afterwards, I can connect successfully; it only seems to be the first connection that drops while the tunnel is forming. Can someone tell me what I have done wrong, please?
11-12-2007 07:12 AM
There might be many reasons that a VPN tunnel fails to come up on a router. However, one of the most common reasons is if a router is also configured for a VPN Client connection.
In order to resolve this issue, use the no-xauth keyword with the command crypto isakmp key if router-to-router IPsec is on the same crypto map as a VPN Client-to-Cisco-IOS IPsec. This keyword prevents the router from prompting the peer for Xauth information (username and password).
11-12-2007 07:24 AM
The site-to-site VPN has been set up between two firewalls. Would this cause the same issues as above?
11-16-2007 07:49 AM
It is quite normal for the first "interesting traffic" flow to time out whilst the VPN session is established.
Try using a ping to bring the tunnel up; you will see the first 1 or 2 pings time out and then succeed. If you try the telnet then it will work.