Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

LAN2LAN VPN problem

Hi all

I am configuring a LAN 2 LAN VPN between 2 routers.

but on my side of the connection, i have

an unusual design,

the interesting traffic from my side from the VPN is the same IP range that is being used on router's Outside interface.

Assume that the REAL ip on the router is x.x.x.1, the interesting traffic has a source addresses x.x.x.1, x.x.x.2, x.x.x.3 ....

And on the other side (which i dont have access two, it does have the normal usual setup)

The config on my router is:



crypto isakmp policy 10

encr 3des

hash md5

authentication pre-share

crypto isakmp key MMBB#STC@33 address z.z.z.233


crypto ipsec security-association lifetime seconds 28800


crypto ipsec transform-set encryption esp-3des esp-md5-hmac


crypto map intelligit 10 ipsec-isakmp

set peer z.z.z.233

set transform-set encryption

match address 120




interface FastEthernet0/0

description Connected to internet

ip address x.x.x.42

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

crypto map intelligit


interface FastEthernet0/1

description Connected to LAN-SWITCH

ip address

ip nat inside

ip virtual-reassembly

duplex auto

speed auto


ip route x.x.x.41


ip http server

no ip http secure-server

ip nat translation timeout 5

ip nat pool ogero x.x.x.43 x.x.x.43 netmask

ip nat inside source list 100 pool ogero overload


logging history warnings

access-list 100 permit ip any

access-list 120 permit ip host x.x.x.42 host v.v.v.66

access-list 120 permit ip host x.x.x.43 host v.v.v.66

access-list 120 permit ip host x.x.x.44 host v.v.v.66

The Phase 1 is still not going up, the "Debug crypto isakmp" shows the info in the attached file

New Member

Re: LAN2LAN VPN problem

This is the debug output

CreatePlease to create content