vrrp and l2l vpn

Unanswered Question
Feb 24th, 2009

I have configured two 1841 routers(to a branch) with vrrp on inside and outside networks. I'm trying to get a L2L vpn tunnel up to my HQ where I have a ASA5520 setup. In my asa I have made a a tunnel to the vrrp ip on the wan link on the router, but the tunnel isen't working. Is there somthing wron with the setup.

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
adamclarkuk_2 Tue, 02/24/2009 - 07:21

As long as both your routers are not master (ie VRRP is doing it's thing) then all should be good, but I couldn't tell unless I could see the vpn config's of both the devices. Also, if you are using VRRP on the inside of your network, the VRRP must be the same for both side of your network otherwise the return traffic will go to the wrong box.

If the tunnel is not even coming up, then debug isakmp to see if Phase I is passing, if it is then debug ipsec to check phase II.

Actions

This Discussion