my new voice vlan is not passing throught vpn router to remote branch

Breeze Kuriakose · ‎04-22-2012

Hi i have a voice setup main office in dubai and brach office in Nigeria

Connected via vpn router The person who configured VPN That time it was only one voice vlan 100 (192.168.17.0)

Later because of ip for vlan 100 is over i created new VLAN 75 (192.168.75.0) but the voice call to nigeria who is having vlan 75 is not going.

I checked the VPN ROUTER put the access list as simila which is given for vlan 100 to vlan 75 . But still its not going .

When i do a ping from core switch

ping 192.168.27.1 source vlan 75 (ip on the nigeria uc560) not pinging

ping 192.168.27.1 source vlan 100 its pinging .

Iam not much good in Routing and access lists VPN thinks . can any body look in to the vpn router config , core switch config , uc560 in nigira site .

Can any body give what extra comman i should inculede in which device

Breeze Joseph Kuriakose Sr Network Engineer

DuncanM2008 · ‎04-22-2012

Hello, what type of VPN is it? Can you post the relevant configuration of the VPN routers?

Dunc.

Sent from Cisco Technical Support iPhone App

csarto · ‎04-22-2012

You need also to modify the ACL 180 on UC560 associated with cryptomap :

access-list 180 permit ip 192.168.22.0 0.0.0.255 192.168.96.0 0.0.15.255

access-list 180 permit ip 192.168.22.0 0.0.0.255 192.168.75.0 0.0.0.255 ! missed line

With this ACL you define that traffic from 192.168.22.0 0.0.0.255 to 192.168.75.0 0.0.0.255 and viceversa is encrypted traffic.

You can verify also with a show crypto ipsec sa

regards