Unanswered Question
Nov 17th, 2007

I dont think my sysopt connection permit-ipsec is working, as even if I add that line I am not able to communicate over RA-VPN (though its getting establishing) unless I explicitly allow that traffic using ACL. Any other way to check if its working, or you think other way. If its not working how to make it work??

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ajagadee Sun, 11/18/2007 - 09:47

Where is the Crypto map and ACL applied. Is the ACL Outside to Inside or Inside to Outside.

Sysopt Connection permit IPSEC or VPN is only applicable on the interface where the VPN traffic is getting decrypted. So, if you have sysopt connection permit ipsec on the outside interface and ACL on the inside interface or DMZ , you need to permit return traffic on the ACL applied on the inside or DMZ.

I hope it helps.




This Discussion