Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

The LAN-to-LAN tunnel on the Cisco VPN 3000 Concentrator private interface with software version 3.5 appears as a VCA/IPSec tunnel

Core issue

This issue occurs due to the presence of Cisco bug ID CSCdw42380.

When a LAN-to-LAN tunnel on the VPN concentrator is created to any device through the private interface (under Monitoring Sessions or under Administer Sessions), it appears under the Management Sessions as a Virtual Cluster Agent (VCA)/IPSec rather than as a LAN-to-LAN tunnel.

Note: This issue does not interrupt the traffic.

What is LAN-to-LAN VPN?

LAN-to-LAN Virtual Private Network (VPN) is also known as a Site-to-Site VPN, It is a secure and encrypted connection, or tunnel, which connects two diferent networks together. This type of VPN is available to departments who require access to applications or networks maintained by other organizations located outside of the University network.

A LAN-to-LAN VPN is used where the use of a Remote Access VPN is not possible to implement.

L2L VPN.jpg


In order to resolve this issue, perform these steps:

  • Do not terminate the tunnel on the private interface.

  • Download and upgrade the software version to any of these versions:

    • 3.6(6)REL

    • 3.6(7)REL

    • 4.0(0)REL

VPN Tunnel End Points

VPN 3000 series

Any end point

Selected PIX or Router Commands


VPN Protocols


Version history
Revision #:
1 of 1
Last update:
‎06-17-2009 10:12 PM
Updated by:
Labels (1)