Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

EZVPN & DVTI - can't pass traffic...

This will be obvious when I find it but...

I am configuring an 877 router as an ezvpn server via SDM... The tunnel comes up but I can't pass any traffic to anything. Now here is the weird thing, if I debug ip packet on the virtual interface I see incoming pings and replies going back but they never arrive at the client, but if I try TCP to the LAN (EG DNS Lookup) then nothing appears either way. This is driving me nuts!!! The VT is unnumbered to loopback1 which has it's own IP subnet & the vpn pool is in that subnet. SDM says IOS fwall inactive if I look at the f/w settings between Virtual template and vlan 1 - not sure if this is important or not!! Both vlan and vt and loopback are NAT inside - do I need to exclude the VPN pool from the NAT translations?

"Test VPN server" says firewall isn't configured but the configure firewall link is dead!!

Can't post config as I have hung the (remote) router so need someone to reboot it for me in the morning (2330 here...& I'm off to bed!)

Any suggestions?

117
Views
0
Helpful
0
Replies