05-07-2008 06:07 PM - edited 02-21-2020 03:42 PM
Hello,experts. I tried hard to get this ipsec dynamic LAN-TO-LAN peer(between 851 and 857)and Cisco VPN clients working but no success.Can anyone shed some light here? Thanks in advance.
06-07-2008 07:46 AM
On the hub router there isn't on the crypto map the acl for the encrypted traffic:
match address 110
...
access-list 110 remark Site to Site VPN
06-07-2008 07:53 AM
also have you check the nat statement on the HUB router for the ippool 192.168.2.1 192.168.2.254:
ip access-list extended Internet
deny ip 192.168.5.0 0.0.0.255 192.168.10.0 0.0.0.255
deny ip 192.168.5.0 0.0.0.255 192.168.2.0 0.0.0.255
permit ip 192.168.5.0 0.0.0.255 any
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide