IPSEC VPN not coming up.

mangesh.kamble · ‎03-24-2009

Dear All,

I was practicing for IPSEC VPN site-to-site, but was not able to see any ipsec sa output.

My network is like R1--R2 from R2 there are 3 different links getting connected to R3, R4, R5 respectively. And all this 3 routers are getting connected to R6 in similar fashion as R2.

Now R1-R2 and loopbacks of R2 are in OSPF area 1. R2, R3, R4, R5, R6 are all in area 0. And loopbacks of R6 are in Area2.

Here due to equal cost path loadbalancing is taking place. Now when I am trying to initiate IPSECVPN from R1 loopback 11 to R6 loopback 60, ISAKMP is coming ON. But IPSEC is not coming UP. I tried to do ping, telnet but I failed to test whether my VPN was working or not. Debug also did not worked for me. Could you please help me.

andrew.prince · ‎03-24-2009

in either side - is there a route in the routing table for the remote end? You will also need to check your "no-nat" to ensure your not natting before encryption

mangesh.kamble · ‎03-25-2009

Dear Andrew,

I have a route at both ends in my routing table. And there is no nat configred at all in the entire topology.

But still not working.

andrew.prince · ‎03-25-2009

post your configs for review, remove sensitive information.