I have an 871 router terminating a site to site VPN tunnel. The remote 871 uses DHCP on the WAN so the HQ side is configured using a dynamic crypto map. Thru troubleshooting, it appears the isakmp part is coming up. The tunnel establishes when you do a "sh crypto isakmp sa". We have a Linksys Firewall/Router plugged in in front of the 871. I was told that we need to port forward the IPSEC ports thru the Linksys for the tunnel to come up completely. I have IPSEC VPN PassThrough enabled and am trying to port forward ESP/AH. The ports are IP Protocols for these and not TCP/UDP ports. I have UDP 500 forwarded. Has anyone run into problems with this type of setup? Thanks.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...