Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

cisco router VPN from HQ to many Branch?

Dear All,

now i would like to implement VPN from HQ to many branch. at HQ i have Cisco router 2821 and branches i have router 1841. the connection from HQ to branch i used fiber optic. after i configure VPN from HQ to branch, the connection from HQ to branch it up only one tunnel and other branch it not up.

please kindly see in the attach file.

Do you have some configuration or any advice?

Best Regards,

RE

7 REPLIES
VIP Super Bronze

Re: cisco router VPN from HQ to many Branch?

Rechard,

Can you post your configs?

Reza

New Member

Re: cisco router VPN from HQ to many Branch?

Dear Sharifimr,

Please kindly see in the attach file.

Best Regards,

rechard

VIP Super Bronze

Re: cisco router VPN from HQ to many Branch?

what happens if you use the same password for all the sites?

Reza

New Member

Re: cisco router VPN from HQ to many Branch?

Dear Sharifimr,

it up only one branch. and other branch the tunnel is not up.

but i tried to change pre-share-key already it still the problem.

i would like to ask that , the confige that i did is correct or not?

i mean it right standard or not?

best Regrds,

Rechard

New Member

Re: cisco router VPN from HQ to many Branch?

Hi Richard,

I have had a quick look at your configs and they look ok. Can you post show crypto isakmp sa?

Thanks,

Ross.

New Member

Re: cisco router VPN from HQ to many Branch?

Dear Ross and all,

IPv4 Crypto ISAKMP SA

dst src state conn-id slot status

10.10.10.2 10.10.10.1 MM_KEY_EXCH 4002 0 ACTIVE

10.10.10.3 10.10.10.1 QM_IDLE 4003 0 ACTIVE

i tried to change the pre-share key already but it still show like this......

Best Regards,

Rechard

New Member

Re: cisco router VPN from HQ to many Branch?

There looks like a problem with your keys not exchanging at phase 1. Try the command debug crypto isakmp to get more details on the phase 1. Just be careful when using debug commands on production networks you dont want to do it during peeks hours.

Ross.

173
Views
0
Helpful
7
Replies