- Bronze, 100 points or more
I have this 1811 model, with two physical interface FA0 and FA1, both connected to ISP. From these two BGP is running and we re using our own IP network.
There are three VPNs site to site with three equipments:
- Cisco router
All these three are connecting here to one of my own BGP network. In order to assing connectivity I defined Vlan interface
ip address 86.107.A.* 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
All these three VPN access the same resource, an internal server;
So for all three there are three access lists, like this:
access-list 100 permit ip Internal_CLASS VPN1_Remote
access-list 100 permit ip Internal_CLASS VPN2_Remote
access-list 100 permit ip Internal_CLASS VPN3_Remote
All three were on one crypto map:
crypto map NAME 10 ipsec-isakmp
crypto map NAME 20 ipsec-isakmp
crypto map NAME 30 ipsec-isakmp
applied on Fa1. Since Friday it stopped working;
So without any idead I moved VPN 1 crypto map on Fa0 which was free, and it's working fine.
But I am to assign another crypto map on Fa1: the tunnel goes up, but I have only Decapsulated Packets, and no Encapsulation Packets !!
What can I do in this case? Don't understand what went wrong !
Thanks in advance,