Cisco Support Community
Community Member

IPSec tunnel and traceroute

Doing a traceroute from my cisco switch (happens with the pcs too) through an IPSec tunnel between a pix running 6.2 and 7.0.2 code... appears to scramble the response ip's.... I am getting non existant ip's for responses... does this sound like a bug..?? I can't find it anywhere on the site here.

Community Member

Re: IPSec tunnel and traceroute

Sounds very strange. Usually the behaviour you see when sending a tarceroute across a PIX L2L VPN is that niether PIX FWs show up. They are like an invisible hop. However you are running 6.2 on one of them and I cannot recall the behavior of the 6.2 code. You may want to update that PIX to 6.3(4).


Community Member

Re: IPSec tunnel and traceroute

Actually I am not seeing the pixes in the hop... what I am seeing is the router behind the pix after it gets through the tunnel... but the ip address that is being reflected is wrong!

CreatePlease to create content