I`ve got a VPN running over ADSL using two 1721's. The VPN runs great but according to the config it shouldn't be. It shouldn't work at all and I can't figure out why it is working. My remote LAN is 10.44.159.65/27 so to match anything in that LAN for encryption I should theoretically use a Wildcard of 0.0.0.31, however, due to time constraints during installation I couldn`t get this working, shoved in 0.0.0.224 and b00m, up it came. Its been left like that. No we`re having Citrix connection trouble and I`d like the VPN side 100% correct before moving on. Can someone have a quick glance at these configs and maybe tell me if I`m right in saying it should be 0.0.0.31 and no 224. And why is 224 working when it shouldn't?
Re: Strange wildcard behaviour on VPN access list.
Thanks, you've just confirmed what I suspected. I didn`t realise before that the tunnel still operated without encryption.
Aha, somethings definitly broken somewhere. The remote router is 10.44.155.65 any traffic from this routers IP is matched by the crypto map. If i telnet into this router I can ping the main router, but can`t ping anywhere on the main LAN. So, if I change the .224 to .31 and match the whole remote LAN, they are going to exhibit the same symptoms and effectively drop off the world.
I would rather solve the remote routers ping problem first before changing my crypto map.
This document gives several answers on frequently asked questions for PFRv3 channel state behavior.
Q1: What are all the channel operational states from a BR (border role) perspective and what are the rules/conditions to be in each st...
The need was to reach an host inside a LAN through a VPN connection managed by the LAN gateway (Cisco 1921).
The LAN gateway performs NAT and there was a dedicate nat rule for the host i wanted to reach through VPN.
I couldn't connect to the hos...
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...