Problems with cisco 827h

Unanswered Question
Aug 6th, 2006
User Badges:

Hi, I?ve a 827h using c820-k9osy6-mz.123-8.T11.bin IOS version.

I try to configure a vpn with ipsec 3des pre-share key.

In my site is the 827h, in the other site a 1721.

Using SDM with the 1721, the software says that the vpn tunnel is up...but I can not ping machines.

My configuration (827H) is here added...

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
spremkumar Sun, 08/06/2006 - 21:16
User Badges:
  • Red, 2250 points or more


Two things which i wanted to point out here is the definition of interesting traffic and NATting the whole traffic going out.

You shouldnt nat the traffic pointed towards your remote vpn location(remote LAN) also the interesting traffic for encryption do configure the acl matching the lan to lan traffic.

for more info do refer this link..


globalnettech Mon, 08/07/2006 - 01:39
User Badges:
  • Silver, 250 points or more


with the current configuration, all your traffic is translated to the address of the ATM 0.1 interface. You already have access list 100 defined, but I think you are missing a few lines. Try and add the following:

ip Nat inside source route-map nonat interface ATM0.1 overload

access-list 100 deny ip

access-list 100 permit ip any


route-map nonat permit 10

match ip address 100

Can you try this and check if it makes a difference ?



edgar-quintana Mon, 08/07/2006 - 03:35
User Badges:


Thank you very much for reading and quickly response...

Today I can not try your new configuration, but this week I?ll try and I?ll answer you if there is any change ok?

Best regards!!!!!

edgar-quintana Thu, 08/10/2006 - 06:37
User Badges:


I?ve added a new vpn connection and insert your recomendation but noting... still getting the same error.

This is my configuration file:



This Discussion