Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Site-Site VPN Problem

Morning all,

I wonder if anyone has seen this problem before and knows what the issue is:

I've set up an site-site VPN between a 6503 and a 2600 internally, to mock what's going to happen when the 6503's move to a seperate site.

The tunnel comes up ok and I can ping the far end networks no problem (and vise versa). The problem comes if I try to telnet, ssh or basically use the

far networks in any way. Say for example I try to telnet to a switch there, the port seems to open but nothing happens (if I do it from DOS I get the blank

black screen showing the port is open). Same for SSH to a linux machine on one of the far networks.

The ports appear to open but I get no login prompts or anything. I can see the packets coming and going so it's really strange.

Have I just missed something really basic that you'll tell me in about 5mins or is this a deeper problem?




Re: Site-Site VPN Problem

are you getting bidirectional tunneled traffic?

sh cry ipsec sa

..and see if the encrypt/decrypt counters are increasing on both sides.

have you tried something other than this management traffic to test it? http? https? icmp? etc.

CreatePlease to create content