Cisco Support Community
Community Member

VPN Concentrator to PIX one way tunnel problems

I have a tunnel established between a PIX and a 3005 concentrator. I have verified by many different means that my traffic is flowing one way, from the PIX to the concentrator. The IP traffic is then being redirected back to the inside interface of the concentrator, but it does not encrypt the packet. Any ideas on troubleshooting this problem?

Aaron

2 REPLIES
Cisco Employee

Re: VPN Concentrator to PIX one way tunnel problems

Check that the 3000 doesn't have a route for the remote PIX subnet that points back out the inside interface; it needs to send them out the Public interface for it to work.

Are you sure that the return traffic actually makes it back to the private int of the VPN3000? Or are the inside hosts sending it to another device on that subnet?

Community Member

Re: VPN Concentrator to PIX one way tunnel problems

I appreciate your feedback. As it turns out, you are right on the money. The traffic is going to the concentrator, but it had a 192.168.0.0/16 route that was overriding the VPN routes. By removing this static route and adding a default tunnel gateway I was able to resolve the problem.

Thanks.

Aaron
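
An added example, not part of the original thread: a small Python check for the condition diagnosed above, a static route that covers the remote VPN subnet but sends traffic out an interface other than the public one. The route table, the interface names and the 192.168.50.0/24 remote subnet are constructed for illustration; only the 192.168.0.0/16 route comes from the thread.

```python
import ipaddress

# Constructed sample data. Only the 192.168.0.0/16 static route is taken
# from the thread; everything else is an assumption for illustration.
ROUTES = [
    {"dest": "192.168.0.0/16", "iface": "private", "kind": "static"},
    {"dest": "0.0.0.0/0", "iface": "public", "kind": "static"},
    {"dest": "10.1.0.0/24", "iface": "private", "kind": "connected"},
]
REMOTE_VPN_SUBNETS = ["192.168.50.0/24"]  # hypothetical subnet behind the PIX


def find_conflicting_routes(routes, remote_subnets, tunnel_iface="public"):
    """Return (remote_subnet, route_dest, iface) for every static route that
    overlaps a remote VPN subnet but egresses an interface other than the
    one the tunnel terminates on."""
    findings = []
    for remote in map(ipaddress.ip_network, remote_subnets):
        for route in routes:
            if route["kind"] != "static" or route["iface"] == tunnel_iface:
                continue
            dest = ipaddress.ip_network(route["dest"])
            # overlaps() is only meaningful within one address family
            if dest.version == remote.version and dest.overlaps(remote):
                findings.append((str(remote), str(dest), route["iface"]))
    return findings


if __name__ == "__main__":
    for remote, dest, iface in find_conflicting_routes(ROUTES, REMOTE_VPN_SUBNETS):
        print(f"{dest} via {iface} covers remote VPN subnet {remote}")
```
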
