I'm not sure this is even a router issue but have a problem with a site to site tunnel created on our FW.
The circuit in question delivered by ISP to our 3640. Router to FW vai FA0/1 which is assigned our global IP 66.52.5.x
The tunnel is setup with a client through our Sonicwall and inidcates that it's up with end to end connectivity. The problem is, we cannot pass traffic.
If I trace from the segment of our internal network which will use this tunnel, it hits our global ip the the 3640 router and dies (66.52.5.x).
According to Sonicwall, there should be no need to NAT on the router or do anything for that matter because the FW will handle everything through the VPN configuration.
So the million dollar question is why does this tunnel show green yet packets hit the router and die on the way out.
Like I said, not sure of this is even a router issue but it appears it maybe since the FW shows the tunnel up but yet no traffic can get past the router. Any thoughts on this would be greatly appreciated.
The Sonicwall "green" light about the tunnel status should be taken with a grain of salt, as it requires an additional keepalive or a similar mechanism to reliably determine if the tunnel is really workable.
You have written that if you traceroute the path through the tunnel, the last hop is the 3620 router. After that, no answers are received. Following from that, I see three most common possibilities:
1.) The tunnel is not working
2.) The routing on the 3620 is not set up properly so the packets do not enter the tunnel
3.) The other endpoint of the tunnel receives your packets but does not know where to send the replies (again, a routing issue - on the opposite end of the tunnel)
I suggest eliminating these three possibilities before proceeding further.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.