Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

L2L VPN configuration question

I have a VPN concentrator 3002 series with 2-existing L2L VPN configured. Recently, I tried to add 1 more L2L connection but I am having problem with the phase 2 not being able to established (only phase 1 complete) and the log shows that it's associating the new L2L VPN configuration with 1 of the existing L2L configured. When I tried to disable the one that is associating with the new L2L configured phase 1 and phase 2 completes without any problem. One thing I notice with the one that is associating (conflicting) with new L2L configuration is there is a check mark with the option that says IPSEC NAT-T. Could this be the reason why it's associating with the new L2L connection. Thanks in advance for any help or ideas you can share.



Re: L2L VPN configuration question


I don't think this is a problem with NAT-T. It will only specify that there is a NAT device in between the VPN GW's. And it will use UDP4500 port.

Please check the following in your config:-

-remote peer address IP for all the 3 L2L vpns you have.

-crypto maps and their sequence nos

CreatePlease to create content