Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

VPN Tunnel on router

I have a problem when I created a tunnel between 2 routers

Router A

interface Tunnel1

description ## TUNEL VPN #

ip address 172.20.1.2 255.255.255.252

tunnel source GigabitEthernet1/0

tunnel destination 190.10.8.13

--------------------------------------------------------

Router_A#ping 190.10.8.13

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 190.10.8.13, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/195/200 ms

--------------------------------------------------------------------------------------------------------------

Tunnel1                    172.20.1.2      YES manual up                    up

--------------------------------------------------------------------------------------------------------------

Router_A#ping 172.20.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Router_A#ping 172.20.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
-------------------------------------------------------------------------------------------------

Router B

interface Tunnel1

description ## TUNEL VPN TO ZORRITOS ##

ip address 172.20.1.1 255.255.255.252

tunnel source GigabitEthernet0/0.453

tunnel destination 190.4.6.22

---------------------------------------------------------------------------------

Router_B#ping 190.4.6.22

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 190.4.6.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 192/194/200 ms

----------------------------------------------------------------------------------------------------------------

Tunnel1                    172.20.1.1      YES manual up                    up

--------------------------------------------------------------------------------------------------

Router_B#ping 172.20.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms
Router_B#ping 172.20.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.1.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
------------------------------------------------------------------------------------------------------------

Why I can't do ping to another ip address of tunnel

1 REPLY
Hall of Fame Super Silver

VPN Tunnel on router

You have provided partial information about your environment, giving the tunnel but not the other interfaces and not the crypto map information. And without more information it is difficult to be sure. But my guess is that the routers expect traffic coming through the tunnel to be encrypted. But when you ping to the tunnel IP address I am guessing that this does not match the crypto map and is not encrypted. And I am guessing that the routers do not accept un-encrypted traffic arriving on the tunnel.

HTH

Rick

296
Views
0
Helpful
1
Replies
CreatePlease to create content