12-21-2008 01:04 AM - edited 02-21-2020 04:06 PM
Dear all,
kindly check Dynamic & static Lan -to-Lan IPSEC VPN Tunnels configuration.
static is working for branchoffice-1, Dynamic is not working for branchoffice-2, it will be great if any one could do the needful.
thanks & regards
12-21-2008 10:46 AM
Zak,
You can apply one crypto map to the outside interface of the ASA. So, you need to link your dynamic crypto map to the already existing crypto map that is applied outside.
Remove the below line:
crypto map dyn-map 10 ipsec-isakmp dynamic
hwic-router
And Reconfigure it to:
crypto map outside_map 65535 ipsec-isakmp dynamic hwic-router
Regards,
Arul
*Pls rate all helpful posts*
12-21-2008 11:42 PM
many thanks....
I applied the above statement... but still, tunnel is not up. Can i clear isakmp and check ? it will bring tunnels up.
please awaiting for your response
and see the below test result in 1841 router.
Failure Reason(s)
There is no response from the peer 65.190.88.5
Recommended Action(s)
1) Ensure that the peer device is configured properly. Generate the mirror configuration from 'Configure->VPN->Site to site VPN->Edit Site to Site VPN' and match it with the peer configuration. 2) A firewall in the network or peer device may be blocking the VPN traffic. Contact the ISP or administrator to resolve this issue.
thanks & regards,
12-22-2008 10:44 PM
Good day,
Dear, even I clear crypto isakmp from ASA side, still not up. can u show me this, when I tracert or ping from IOS-1841 router to my target network, I can see packet are capsul. from 1841, but not decapsul. another thing is my first hob is my gateway, after that all are astrick till 30 hob, atleast It have to ping my peer. anything missing in 1841 configuration.
If anyupdates, please
thanks & regards,
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: