Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

VPN lab help

Hello,

I have created a simple VPN lab between a Pix (outside) and a 2620 (fas 0) router using a crossover.

All is working and I can ping the loopback 0 interface on the router from my laptop connected to the inside interface of the Pix. For the "outside" IP's I've only used 172.16.1.1/30 and 172.16.1.2/30.

I have now changed one outside interface to a 10.10.10.1/30 and changed the config to reflect this but the VPN stays down. I thought arp would locate this IP and bring the tunnel up? I just want to different IP's to connect like a real VPN, possible?

5 REPLIES

Re: VPN lab help

Can you ping the other device?

What is the debug of the arp telling you?

New Member

Re: VPN lab help

Nope I can't ping it, plus I ran a "sh arp" on the pix and do not see this new peer IP anywhere.

All I see is the outside IP of 213.212.82.5:

"arp-send:arp request built from 213.212.82.5 maciid for 213.212.82.1 macid.

I'm not using 213.212.82.1 anywhere.

Re: VPN lab help

Interesting, from the router can you see the PIX?

in the arp tables of both devices are the MAC addresses correct - even if the IP addresses are wrong?

Is the PIX still conneced to the router via an xover cable?

Have you tried to clear the ARP cache on both devices?

What do you see on the router when you issue "debug ip arp" and ping the PIX or when you try and ping the router from the PIX?

New Member

Re: VPN lab help

It could be the cross-over cable, on the router after issuing a "sh arp" I get the error:

"IP ARP req filterd scr 213.212.82.5 macid, dst 213.212.82.1 0000.0000.0000 wrong cable. intface fastethernet 0/0"

says wrong cable, but why everything wants to go to the first IP in the subnet I dont know - 213.212.82.1

Re: VPN lab help

post your PIX and Router config for review.

111
Views
0
Helpful
5
Replies
CreatePlease to create content