I am stuck with an Easy VPN issue. The VPN is between a Cisco 877 IOS 12.4(11)T2 acting as an Easy VPN client and the Cisco VPN Concentrator 3015 Ver 4.1.7 as the VPN server.
The tunnel comes up successfully. The following is the output of:
show crypto ipsec client ezvpn 1721
Easy VPN Remote Phase: 6
Tunnel name : 1721
Inside interface list: BVI1
Outside interface: Dialer0
Current State: IPSEC_ACTIVE
Last Event: MTU_CHANGED
Address: 207.x.243.139 (applied on Loopback10000)
DNS Primary: 207.x.241.11
DNS Secondary: 207.x.241.76
Save Password: Allowed
Current EzVPN Peer: xxx
THe VPN concentrator has been configured to tunnel everything. Now all traffic to Internet also must go through the VPN concentrator but it goes directly to the ISP cloud and bypasses the tunnel. So, internet works but bypassing the tunnel.
The tunnel though up is unable to send traffic through it.
I am also enclosing the running configuration of the problemmatic 877 router.
Additionally, with the same configuration on another 1721 router, it works. So, i believe that the problem lies only on the
877 router (EasyVPN client) and not the VPN server (VPN Concentrator 3015)
I am also enclosing the running configuration of the working 1721 router.
I am sorry if i was not clear enough in my previous post.
To make it simple, i would like to know if anyone of you have configured 877 router successfully as an Easy VPN client. If yes, i would like to get the config from you. You could take off the sensitive details like IP addresses, passwords etc and share it with me.
I will compare them with mine and figure out the gap.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...