
3005 L2L issue

johnroche_2
Level 1

Hi

I have set up an L2L tunnel on a 3005; Phase 1 and 2 are good.

On my end I have a network list of hosts that should be accessible to the far end.

On the far end I have one Host that should be able to access the devices in my network list.

From my end I can ping the far end.

From the far end they cannot ping my hosts. On the concentrator at my end I get the following message in the log:

Tunnel rejected: Policy not found for Src:192.168.220.10, Dst: 10.0.0.0!

Anyone any ideas?

Accepted Solution

gfullage
Cisco Employee

Your local and remote network/host lists on either end have to be the EXACT opposite of each other. The concentrator is receiving a tunnel request from the far end for traffic from 192.168.220.10 to 10.0.0.0, but the concentrator doesn't have that explicitly defined, and so it rejects the tunnel.

Always make sure the two ends have the opposite (and I mean exactly the opposite) traffic defined to be encrypted, otherwise you'll get errors like this.
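
The mirror rule from the answer above, as an added example that is not part of the original thread and not Cisco code: it compares the two ends' (local, remote) lists for an exact swap and flags local entries that merely cover the addresses in the rejected proposal. The thread does not show either end's actual lists or masks, so MY_END, FAR_END, MY_END_FIXED and every prefix length below are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample lists as (local, remote); the thread does not show the real ones.
MY_END = [("10.0.0.0/24", "192.168.220.0/24")]         # remote entered as a subnet
FAR_END = [("192.168.220.10/32", "10.0.0.0/24")]       # far end uses a single host
MY_END_FIXED = [("10.0.0.0/24", "192.168.220.10/32")]  # exact swap of FAR_END

# Log message quoted in the question.
LOG_LINE = "Tunnel rejected: Policy not found for Src:192.168.220.10, Dst: 10.0.0.0!"
LOG_RE = re.compile(r"Policy not found for\s+Src:\s*([\d.]+),\s*Dst:\s*([\d.]+)")


def normalize(pairs):
    """Parse (local, remote) strings into a set of ip_network pairs."""
    return {(ipaddress.ip_network(l), ipaddress.ip_network(r)) for l, r in pairs}


def mirror_mismatches(end_a, end_b):
    """Return (only_a, only_b_swapped): entries without an exact counterpart."""
    a = normalize(end_a)
    b_swapped = {(r, l) for l, r in normalize(end_b)}
    return sorted(a - b_swapped, key=str), sorted(b_swapped - a, key=str)


def near_misses(log_line, local_end):
    """Local entries that cover the rejected Src/Dst without matching exactly.

    The log carries no masks, so "exact" here means both network addresses
    are equal to the proposed ones. Overlap alone is not a match.
    """
    m = LOG_RE.search(log_line)
    if not m:
        return []
    src, dst = (ipaddress.ip_address(g) for g in m.groups())
    hits = []
    for local, remote in sorted(normalize(local_end), key=str):
        covers = dst in local and src in remote
        exact = local.network_address == dst and remote.network_address == src
        if covers and not exact:
            hits.append((local, remote))
    return hits


if __name__ == "__main__":
    print("mismatches:", mirror_mismatches(MY_END, FAR_END))
    print("near misses:", near_misses(LOG_LINE, MY_END))
    print("after fix:", mirror_mismatches(MY_END_FIXED, FAR_END))
```
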
