Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

L2TP + IPSec = output crypto map check failed

I had following problem. Cisco 2651 acts as LNS server for L2TP connections, LAC is WinXP. Network topology:

fa/0.901 has address adn fa0/0.900 has address . When clients from subnet connect to , everything works perfect - IPSec protected L2TP tunnel comes up. The same happens when clients from subnet connect to . But when client tries to connect to address from different network ( to and to, it does not work.

Debug output and Cisco config are attached.

I found nothing similar to my problem on Internet. Is this a bug or I missed something?

New Member

I am also facing this issue.

I am also facing this issue. how did you solved it?

New Member

First of all, since crypto

First of all, since crypto map is used, it will work only on physical interface that belongs to same subnet - this is how crypto map works.

I tried to set up loopback interface and to make clients to connect to loopback's IP. That did not work too. So I ended up with clients connecting to the "closest" physical interface and with split DNS.