Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

6500 running BGP w/ SPA-IPSEC-2G

We are having trouble bringing up some IPsec tunnels on a 6500 w/SPA-IPSEC2G (which also has BGP and HSRP running).

The B side can ping us and it establishes the tunnel, however when it is established, they can't ping our devices, and on our side we can't even generate interesting traffic to bring the tunnels up.

As the tunnel does come up, I don't think it is a IPSec issue but rather a routing or access-list issue, I think the problem is that the IPs we are trying to ping are public IPs which are also visible on the global routing table, so when we run a traceroute, it leaves via an upstream, but fails en-route.

I'm sure I am missing something quite simple. Any ideas?

CreatePlease login to create content