Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Help re IOS VPN!!!


I have an 827 with 12.2.4(T) and a 1720 with same. I create an IPSEC VPN between them but traffic is not seen inbound to the 1720 from the 827 when I look at sh cry ips sa.

If I ping from the 1720 to the 827 then look at sh cry ips sa on both I see that the echo request has gone throught to the 827 and its replied back thru the tunnel but it never gets decrypted back at the 1720.

I'm also running static nat at both ends but getting around it by use of route-maps in NAT statements (that is, denying NAT to traffic that should be tunneled).

Thanks in advance

  • Other Security Subjects
New Member

Re: Help re IOS VPN!!!

Usually it happens when you don't have matching ACLs on both side or one of your routers has more than one path to the remote side.

I would check ACLs and NAT tables.

This widget could not be displayed.