Hello. I have an 6500 VPN SPA Adapter. I run a site-to-site, digital certificate authentication scenario.
I have 2 Vlans in my crypto engine, one with a remote-access crypto map, the other with a site-to-site crypto map. I am only using now the site-to-site crypto map.
The IPsec negotiation completes successfully. Still, the traffic between ESN and PSN is not working.
ESN(220.127.116.11/24) - security gateway (18.104.22.168/16) ---- (22.214.171.124 - ipsec interface) cisco spa vpn adapter (126.96.36.199 - clear ip interface) --- PSN(188.8.131.52/8)
ping from 184.108.40.206 to 220.127.116.11 does not work
running sh crypto engine accelerator statistic all
I see packets dropped statistic incrementing a lot
I have attached my configuration. Please contact me for any other details that may prove useful for you at [email protected]. Thank you very much.