We have a VPN tunnel established from a VPN 3000 concentrator to a 2800 router. The tunnel appears to establish OK. One server behind the VPN concentrator can send data to a host behind the 2800 router, and the return traffic makes it to the 2800 router where it is NATed and encrypted. Everything looks good on the 2800. However, the VPN concentrator does not see any packets encrypted from the 2800.
The public end of the 2800 router goes through a FWSM on a Cat 6509. There are multiple tunnels on the 2800, and this is the only problematic one. I'm at a loss as to where the disconnect is. Does anyone have an idea?