Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

*Newbie* Site to Site vpn problem

Hi,

I am new to the world of VPN.

I have a 2811 connected via the net to a VPN conncentrator.

Good news is VPN is up and working, 'UP-ACTIVE'.

How do I check that the routing is working? in respect of my LAN packets being recieved by the VPN conncentrator once the VPN tunnels is up and working.

I have a route to the VPN peer - ip route x.x.x.16 255.255.255.255. f0/0

Another route to the remote network on the other side on VPN conncentrator -

ip address 172.16.0.0 255.255.255.0 x.x.x.16.

I have been told the static should have a next-hop of the peer. Is this correct?

How can I check when I try to ping a device it is being encrypted? and reaches the vpn conncentrator

1 REPLY
New Member

Re: *Newbie* Site to Site vpn problem

Issue the command show crypto isakmp SA.

When the encrypt and decrypt counters increase, packet are encrypted.

You can also do a show ACL for the ACL you use to define traffic to encrypt. See if hits are increasing.

112
Views
0
Helpful
1
Replies
CreatePlease to create content