EZVPN & DVTI - can't pass traffic...

Unanswered Question
Jun 9th, 2009
User Badges:

This will be obvious when I find it but...

I am configuring an 877 router as an ezvpn server via SDM... The tunnel comes up but I can't pass any traffic to anything. Now here is the weird thing, if I debug ip packet on the virtual interface I see incoming pings and replies going back but they never arrive at the client, but if I try TCP to the LAN (EG DNS Lookup) then nothing appears either way. This is driving me nuts!!! The VT is unnumbered to loopback1 which has it's own IP subnet & the vpn pool is in that subnet. SDM says IOS fwall inactive if I look at the f/w settings between Virtual template and vlan 1 - not sure if this is important or not!! Both vlan and vt and loopback are NAT inside - do I need to exclude the VPN pool from the NAT translations?

"Test VPN server" says firewall isn't configured but the configure firewall link is dead!!

Can't post config as I have hung the (remote) router so need someone to reboot it for me in the morning (2330 here...& I'm off to bed!)

Any suggestions?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion