cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
458
Views
0
Helpful
4
Replies

Problems with Easy VPN Server.

julios
Level 1
Level 1

Hi.

I configured a C2811 as Easy VPN Server. I made successfull VPN connections but i can't ping internal networks.

I read on this forum some issues related to NAT. I took in account all of theme, but i still can't ping internal servers.

I saw statistics on VPN Client and the decrypted bytes counter ever is "0".

I attached configuration.

Thanks in advanced.

1 Accepted Solution

Accepted Solutions

slmansfield
Level 4
Level 4

Just wondering whether you verified routing to/from the client address pool to/from your servers. Since you don't have a routing protocol configured, it might be one thing to check.

HTH

View solution in original post

4 Replies 4

slmansfield
Level 4
Level 4

Just wondering whether you verified routing to/from the client address pool to/from your servers. Since you don't have a routing protocol configured, it might be one thing to check.

HTH

Thanks for your message.

I verified routing and I guess is fine. But i can't ping nothing, for example a directly connected interface like Fa0/0 on 2811.

I really concerned about why i didn't see decrypted packets. I think because we dont have return traffic.

Hi and Thanks a lot.

You resolved my problem. Let me show you.

I eliminated RRI (Reverse Route Injection) for my VPN group and add a explicit route like that:

ip route 10.20.X.X 255.X.X.X Loopback 0

A route that points to crypto map applied interface and that's all. 10.20.X.X is VPN pool network.

That's great! Thanks for the rating.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: