Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Site-to-Site VPN Tunnel is Not Coming between 2 Routers

Dear All,

I have 2 branch routers being configured for site-to-site VPN, but the tunnel is not coming!

I ran debug and I am attaching herwith the output for your kind review and recommendation. I am also attaching here the configs of the 2 branch routers.

Any idea on why the Site-to-site VPN is not coming up?

Regards,

Haitham

1 ACCEPTED SOLUTION

Accepted Solutions
joe Bronze
Bronze

Re: Site-to-Site VPN Tunnel is Not Coming between 2 Routers

You got it!

Only because you re-used the same crypto map for both the lan to lan and the vpn-client traffic.

this from the DOC CD

no-xauth

(Optional) Use this keyword if router-to-router IP Security (IPSec) is on the same crypto map as a Virtual Private Network (VPN)-client-to-Cisco-IOS IPSec. This keyword prevents the router from prompting the peer for extended authentication (Xauth) information (username and password).

3 REPLIES
joe Bronze
Bronze

Re: Site-to-Site VPN Tunnel is Not Coming between 2 Routers

on the HQ and the branch please put

crypto isakmp key ****** address X.X.X.X NO-XAUTH

at the end of your crypto isakmp key.

-Joe

Community Member

Re: Site-to-Site VPN Tunnel is Not Coming between 2 Routers

Hi Joe,

Yes it worked perfectly...

So, what is the need for NO-XAUTH here, I have configured multiple site-to-site VPNs without using this keyword?!

Is it because I am configuring remote access VPN on the HQ router?

Regards,

Haitham

joe Bronze
Bronze

Re: Site-to-Site VPN Tunnel is Not Coming between 2 Routers

You got it!

Only because you re-used the same crypto map for both the lan to lan and the vpn-client traffic.

this from the DOC CD

no-xauth

(Optional) Use this keyword if router-to-router IP Security (IPSec) is on the same crypto map as a Virtual Private Network (VPN)-client-to-Cisco-IOS IPSec. This keyword prevents the router from prompting the peer for extended authentication (Xauth) information (username and password).

164
Views
0
Helpful
3
Replies
CreatePlease to create content