hi guys need ur help in this, i developed a simple site to site vpn between 2 routers on a serial link in my lab, i connected 1 pc to routerA eth 0 and other pc to routerB eth 0. now i ping from both ends and the tunnel established successfully ( i verified using sh cry isakmp sa, sh cry ipsec sa ) now i cleared isakmp by clear crypto isakmp on routerA and it got deleted check this
RA#sh crypto isakmp sa
dst src state conn-id slot status
220.127.116.11 18.104.22.168 MM_NO_STATE 1 0 ACTIVE (deleted)
now i thought that the tunnel is torn down, i again issued ping from 1 pc it got successful, so i checked again by sh cry isakmp sa but it was empty !!! i checked sh cry ipsec sa and it was still encaps the packets mean phase 2 tunnel was still up !! how is this possible after i terminated iskamp how is it possbile that phase2 tunnel is still up ??? plz tell me
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...