VPN site to site with dinamic IP, no connection to internal hosts

Unanswered Question
Feb 9th, 2010

I have a site to site VPN with a static IP address and a dynamic IP on the side of the static ip I have a ASA 5510 and the side of a router I have dynamic ip 850, according to configure the VPN as I said in ciscotacc.com page k23411061 case. Using L2Lgroup.

The VPN tunnel is created but if I can not ping internal hosts from both sides. Is that the nature of the vpn I can not ping the side of the static ip to dynamic ip, but inversely neither can.

Check also the IPSec statistics and see that side of the Cisco 850 if the packets are encrypted but do not reach back.

If anyone can help me.

Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
spremkumar Thu, 02/11/2010 - 04:33

Hi

Once your connected to the remote device have you checked the status of the ipsec tunnel in the router?

can you issue this command show crypto isakmp sa and check/paste the status here?

also if possible can you post the configs here ?

regds

FRANCISCO IBARRA Thu, 02/11/2010 - 15:02

hi

You could make the connection between the two sites, but had code that was causing me problems.

My question is I have the connection but at a certain time you fall, look at this forum and I find the idea of increasing the lifetime of ike time policy, if it is not official.

Thanks


Actions

This Discussion