ipsec dynamic LAN-TO-LAN peer and VPN clients

Unanswered Question
May 7th, 2008
User Badges:

Hello,experts. I tried hard to get this ipsec dynamic LAN-TO-LAN peer(between 851 and 857)and Cisco VPN clients working but no success.Can anyone shed some light here? Thanks in advance.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ROBERTO TACCON Sat, 06/07/2008 - 07:46
User Badges:

On the hub router there isn't on the crypto map the acl for the encrypted traffic:


match address 110

...

access-list 110 remark Site to Site VPN

ROBERTO TACCON Sat, 06/07/2008 - 07:53
User Badges:

also have you check the nat statement on the HUB router for the ippool 192.168.2.1 192.168.2.254:


ip access-list extended Internet

deny ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255

deny ip 192.168.5.0 0.0.0.255 192.168.2.0 0.0.0.255

permit ip 192.168.5.0 0.0.0.255 any

Actions

This Discussion