Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Problems with Easy VPN Server.

Hi.

I configured a C2811 as Easy VPN Server. I made successfull VPN connections but i can't ping internal networks.

I read on this forum some issues related to NAT. I took in account all of theme, but i still can't ping internal servers.

I saw statistics on VPN Client and the decrypted bytes counter ever is "0".

I attached configuration.

Thanks in advanced.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Problems with Easy VPN Server.

Just wondering whether you verified routing to/from the client address pool to/from your servers. Since you don't have a routing protocol configured, it might be one thing to check.

HTH

4 REPLIES
Silver

Re: Problems with Easy VPN Server.

Just wondering whether you verified routing to/from the client address pool to/from your servers. Since you don't have a routing protocol configured, it might be one thing to check.

HTH

Community Member

Re: Problems with Easy VPN Server.

Thanks for your message.

I verified routing and I guess is fine. But i can't ping nothing, for example a directly connected interface like Fa0/0 on 2811.

I really concerned about why i didn't see decrypted packets. I think because we dont have return traffic.

Community Member

Re: Problems with Easy VPN Server.

Hi and Thanks a lot.

You resolved my problem. Let me show you.

I eliminated RRI (Reverse Route Injection) for my VPN group and add a explicit route like that:

ip route 10.20.X.X 255.X.X.X Loopback 0

A route that points to crypto map applied interface and that's all. 10.20.X.X is VPN pool network.

Silver

Re: Problems with Easy VPN Server.

That's great! Thanks for the rating.

131
Views
0
Helpful
4
Replies
CreatePlease to create content