Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Site-to-Site IPSEC

Hello, experts

I'm a new gay with IPSEC and I have a problem...

I have configured site-to-site IPSEC and the tunnel is up, but I have no acces between two internal networks(defined as interesting traffic).

There is a point-to-point connection between me and local ISP. I have /29 network routed to my network. I'm using loopback interface with /32 address from that network for peer configuration (there is the crypto map command). I can ping it from outside.

When I'm using extended ping with source address - my internal address ip address - I can ping host from interesting network, but only from local router.

When I'm trying to ping from internal host - the packets do not enter in the tunnel (sh crypto ipsec sa - sent packets counter doesn't increment).

When host from remote network try to ping local host it receives "Request time out", but received packet counter increments.

I put static route to remote network through loopback interface..

Thank you!

217
Views
0
Helpful
0
Replies