Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

EzVPN w/ 2811 & CCP, clients received 0 packets

Hi all,

I've tried to create a EzVPN server on my 2811 router, I've try many options and try to clear firewall settings.

Clients can connect, with CISCO VPN Client 5.007.0290, but they allways not receiving 0 packets.

CCP version is 2.3, and IOS is 2800 advanced ip service, 150-1.M4. , also i've try 124-15.T12

any comment is appreciated

update: I've recreated a vpn from a "fresh" config. removed "dpd" now iphone client can login but like pc clients, 0 packets received.

enclosed is the new config and the "sh crypt ipsec sa" result.

Everyone's tags (3)
2 REPLIES

Re: EzVPN w/ 2811 & CCP, clients received 0 packets

First of all, you do not need the secondary ip addresses on your public interface:

ip address x.x.x.85 255.255.255.240 secondary

ip address x.x.x.86 255.255.255.240 secondary

ip address x.x.x.87 255.255.255.240 secondary

ip address x.x.x.88 255.255.255.240 secondary

Also, take note that EzVPN encapsulates ESP in UDP (to allow nat).

Therefore, acl's matching esp are possibly not correct.

regards,

Leo

New Member

Re: EzVPN w/ 2811 & CCP, clients received 0 packets

thanks, i've just post update config/results above.

705
Views
0
Helpful
2
Replies
CreatePlease to create content