Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
0
Helpful
3
Replies

VPN up but can't access remote network

1uptechologies
Level 1
Level 1

‎01-21-2009 01:43 PM

Hi everyone,

I have established a L2L VPN between my Cisco 851 and the remote sites Watchguard. The tunnel comes up fine. From the local side I can ping the remote host only if I set the source address of the packets to the routers vlan1 address. From the remote side I can ping the routers vlan1 address but I can't get pass the router to any of my local devices. I have been over and over my acl's for standard access, ipsec, and nat and all looks well. Anyone have any suggestions?

Labels:
0 Helpful
3 Replies 3

Yudong Wu
Level 7
Level 7

‎01-21-2009 02:41 PM

How about routing? Do all devices on 851 side know how to reach the Watchguard side via 851 router?

You can check encry/decry counter in "show crypto ipsec sa" to see which one is not incrementing.

0 Helpful

1uptechologies
Level 1
Level 1
In response to Yudong Wu

‎01-21-2009 03:04 PM

Routing is the problem. I added a route to a windows computer and I was then able to ping the remote network. However, I attempted to add the route to the cisco 851 and it doesn't seem to make a difference. Any suggestions?

0 Helpful

Yudong Wu
Level 7
Level 7
In response to 1uptechologies

‎01-21-2009 03:08 PM

851 just need routes to its all local networks and the route to the remote network.

Can you post your config here and let me know which remote IP network you wound like to access?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents