Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

clients behind cisco 3002 not getting to central site via 3015 IPSEC

I have configured a 3002 in our lab going back-to-back with a 3015 concentrator. I am new to both devices. I am getting IPSEC to come up, but can't seem to flow any data across the connection ... yet the ping utilities on the devices show that something is possible. Am I missing a static route or default gateway. What should be a good flowchart to troubleshoot?

1 REPLY
Cisco Employee

Re: clients behind cisco 3002 not getting to central site via 30

If your tunnel is up then you have a routing problem most probably. Make sure the default route on the 3002 points to the 3015's Public IP address since these are connected back to back.

On the 3015, make sure it's default route points to the 3002's Public interface. If you're doing NEM, then also make sure the 3015 has a route for the subnet behind the 3002, that points to the 3002's Public interface IP address.

For all your static routes dont make the next hop just the Public interface, actually specify the IP address of the other device, cause they won't proxy-ARP for anything and so you won't get anywhere.

92
Views
0
Helpful
1
Replies
CreatePlease to create content