Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VPN Connectivity to an offline server.

Greetings All,

I am trying to bring standard site to site vpn connection between two sites. Site A and Site B.

Site A has a server (SeverOne)and site B WILL have a server (ServerTwo).

Now Im trying to bring up the VPN tunnel by pinging at this point a NON-EXISTENT server (ServerTwo) from the ServerOne.

SO the question is will this tunnel come up even though the server at site B is still not online? So far my tunnel is not passing phase 1.

Thanks in advance

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VPN Connectivity to an offline server.

SO the question is will this tunnel come up even though the server at site B is still not online?

Absolutely.. tunnel should still come up even though the host at other end does not respond.. you still should see phase 1/2 complete, and note in the output of (show crypto isakmp sa) in your firewall tunnel state as QM_IDLE and see peer tunnel address and your tunnel address.. you will only see encrypts but no decryps in the output of (show crypto ipsec sa) when sending pings to a system that is not online ... so if your tunnel makes it as far as phase1 something is wrong , either in your ike policy not matching or peer not responding..

2 REPLIES

Re: VPN Connectivity to an offline server.

SO the question is will this tunnel come up even though the server at site B is still not online?

Absolutely.. tunnel should still come up even though the host at other end does not respond.. you still should see phase 1/2 complete, and note in the output of (show crypto isakmp sa) in your firewall tunnel state as QM_IDLE and see peer tunnel address and your tunnel address.. you will only see encrypts but no decryps in the output of (show crypto ipsec sa) when sending pings to a system that is not online ... so if your tunnel makes it as far as phase1 something is wrong , either in your ike policy not matching or peer not responding..

New Member

Re: VPN Connectivity to an offline server.

I know it's been a year (almost) but thanks.. this was helpfull

123
Views
0
Helpful
2
Replies