Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
224
Views
0
Helpful
1
Replies

*Newbie* Site to Site vpn problem

imran1979
Level 1
Level 1

‎01-15-2009 03:29 AM

Hi,

I am new to the world of VPN.

I have a 2811 connected via the net to a VPN conncentrator.

Good news is VPN is up and working, 'UP-ACTIVE'.

How do I check that the routing is working? in respect of my LAN packets being recieved by the VPN conncentrator once the VPN tunnels is up and working.

I have a route to the VPN peer - ip route x.x.x.16 255.255.255.255. f0/0

Another route to the remote network on the other side on VPN conncentrator -

ip address 172.16.0.0 255.255.255.0 x.x.x.16.

I have been told the static should have a next-hop of the peer. Is this correct?

How can I check when I try to ping a device it is being encrypted? and reaches the vpn conncentrator

Labels:
0 Helpful
1 Reply 1

marcelnjkoks
Level 1
Level 1

‎01-16-2009 03:47 AM

Issue the command show crypto isakmp SA.

When the encrypt and decrypt counters increase, packet are encrypted.

You can also do a show ACL for the ACL you use to define traffic to encrypt. See if hits are increasing.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents