Im having problems setting up a vpn connection between to routers. After the configuration is in both routers i turn on the debugs for isakmp and ipsec and theres is no outcome when i try to set the tunnel by pinging the remote host.
I need someone to contact so i can send him/her my configuration to verify everything is correct.
Theres is one single thing im not sure about. My Internet connection is as follows my wan ip is a private with the internet supplyer 10.0.0.102 and my ethernet ip is a public address 200.42.x.x. I have compared my configuration with some cisco examples and i notice that in most configurations the routers have 2 ethernets, one public and one private. The public one is the peer of the remote router and the private is the one to access. In my case the same network that serves as peer is the one to be access because my server is located int the same 200.42.x.x. Im not quite sure about this part.
Ive set vpn tunnels pix to pix and pix to vpn concentrator before, but i only have set router to router in labs.
The only thing that I can think of right off the top of my head is that the access list you have is not in the right order or you do not have an access list in place. I do believe Cisco do not should an access list in any of its config but they are needed in order to get the tunnel up. I just did a router to router vpn connection using a 1710 and a 1721 and that is what I ran into doing the configuration. Hope this Help!!!!
Thanks Alton for your reply. I solved the problem with cisco TAC assistance. The problem was based on the way that Internet is offered in the Dominican Republic by this specific supplyer. What i needed was to set the serial int to and unnumbered ip and refer to the fe interface, then i had to apply the crypto map to the serial interface refering also to the fe interface using the local-address command.
I pinged the remote host and finally the tunnel was stablish. Hope this stays on line for a while so other people can learn from my experience.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :