This symptom is usually a nat mixup. Check that your not NATing the traffic you want encrypted on the router, if you do it will not match the encryption policy and simply get routed/forward. Not knowing if the identified traffic should be NAT in yo...
I'd have thought that ip nat inside source list would do this for you, identifying the source and destination in the ACL to qualify for that specific source IP to that specific destination be NAT, while the same source to a different destination woul...
The best I can give you at the moment is probably.simply because I haven't done it myself. However Looking at the IOS syntax.. it looks like you can specify several transform sets in the IPSEC profile that you bind to the gre tunnel interface. Ther...
Is there an ACL on your upstream ISP/GW router that only allows SMTP to the NAT address of the ext server ip?Can you see reply traffic using capture?Any clues if you enable logging?Cheers, Jeremy.