08-25-2008 10:50 PM - edited 03-03-2019 11:16 PM
Hi Guys,
Having a few issues getting an IPSEC VPN tunnel established - can someone please look at the configs and see any errors? Also, I have included an isakmp debug from the main router which shows it connects but doesnt establish the connection. When I ping from the branch router I get no isakmp debugging messages. Thanks in advance,
Solved! Go to Solution.
08-26-2008 02:44 AM
Hello Matt,
you are doing NAT too.
you need to change your NAT config on the branch so that:
traffic to the main site is not NATTED
NAT has to reference a route-map that uses an extended ACL
access-list 160 deny ip 34.92.128.0 0.0.3.255 34.92.148.0 0.0.3.255
access-list 160 permit ip 34.92.128.0 0.0.3.255 any
route-map NAT_to_Internet permit 10
match ip address 160
ip nat inside route-map NAT_to_Internet interface Dialer1 overload
Hope to help
Giuseppe
08-26-2008 02:44 AM
Hello Matt,
you are doing NAT too.
you need to change your NAT config on the branch so that:
traffic to the main site is not NATTED
NAT has to reference a route-map that uses an extended ACL
access-list 160 deny ip 34.92.128.0 0.0.3.255 34.92.148.0 0.0.3.255
access-list 160 permit ip 34.92.128.0 0.0.3.255 any
route-map NAT_to_Internet permit 10
match ip address 160
ip nat inside route-map NAT_to_Internet interface Dialer1 overload
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide