06-11-2007 11:01 PM - edited 03-11-2019 03:28 AM
All,
I have a 2811 router with the advanced security IOS; two site-to-site VPNs are terminated on it. On the public interface I added an ACL which allows IPSec traffic and EIGRP - that's the routing protocol to the neighbor Border router. The IPSec tunnels are working, but I can't reach the Border router, although the EIGRP process is up - the neighbor relation is up too. I also added inspection for SSH and SNMP (see attachment), but I can't reach the Border router from the internal LAN with SSH or SNMP, though I can ping.
10.x.x.201 is Loopback on Border
10.x.x.2 is a PC on LAN
If you have any idea please share with me.
bye
FCS
06-19-2007 03:21 AM
Check that the access lists are created and applied on the outside interface. Check these access lists on both devices, and also check that the sources and destinations are properly given as per the scenario.
06-19-2007 04:00 AM
What do you mean to check? The problem is that the CBAC firewall drops the SSH connections, as you can see in the attached file.
bye
FCS