Solved: IPSEC VPN Tunnel establishment problems

mattiep00 · ‎08-25-2008

Hi Guys,

Having a few issues getting an IPSEC VPN tunnel established - can someone please look at the configs and see any errors? Also, I have included an isakmp debug from the main router which shows it connects but doesnt establish the connection. When I ping from the branch router I get no isakmp debugging messages. Thanks in advance,

Giuseppe Larosa · ‎08-26-2008

Hello Matt,

you are doing NAT too.

you need to change your NAT config on the branch so that:

traffic to the main site is not NATTED

NAT has to reference a route-map that uses an extended ACL

access-list 160 deny ip 34.92.128.0 0.0.3.255 34.92.148.0 0.0.3.255

access-list 160 permit ip 34.92.128.0 0.0.3.255 any

route-map NAT_to_Internet permit 10

match ip address 160

ip nat inside route-map NAT_to_Internet interface Dialer1 overload

Hope to help

Giuseppe

View solution in original post

Giuseppe Larosa · ‎08-26-2008