I have found that in our GRE DSL environment, client workstations cannot perform a ping or a traceroute from their dos prompts to internal Domain controller servers going over a GRE tunnel. The resources are availabe to them, however they cannot run the ping. Clients receive an "unresponsive" message. I have verified that there are no ACL's blocking the ICMP request. Wanted to know if anyone else out there may be experiencing this. Thanks.
ok lets try a slightly different approach. First can you confirm that other end stations are able to ping and traceroute to the Domain controller (verify that the Domain controller is not rejecting the traffic)?
Second, if an end station does a traceroute, how far do you see the responses going?
I have confirmed that other end stations in the same Service Center where the GRE tunnel is implemented all have the same problem. On the traceroute the path goes to the peer address of the other end of the tunnel, that being the host VPN router back at Corp, and then it drops off. That output is straight off of the client cmd prompt. When I test from my local LAN connection on my machine outside of any GRE VPN tunnel configuration I can ping the DC just fine. I think this may have something to do with the encapsulation going through the VPN tunnel, what do you think?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :