I have an ipsec tunnel created between a 1841 and 871. I have vlan1 as 10.1.5.1 on the 871 and 10.1.4,10.1.3, and 10.1.2 on the 1841. I cannot ping from each router to any destination lan ip. I do not know how to add a static route to make these work. Can anyone advise?
From what I can tell, your 10.1.x.x networks are not in the encryption domain for your IPSec tunnel. So, the packet will follow the default routes in place already (x.x.x.237 on the 1841 and x.x.x.33 on the 871) unencrypted. If your intent is to connect these privately addressed networks over the internet or WAN you can't control routing for, you'll need to add those networks to the encryption domain. After that, they'll follow the default route already in place, however they will be encrypted and passed to the other IPSEC tunnel endpoint. Same for the reverse path. For pings, you'll also need to add to the encryption domain ICMP from / to your public IP address and/or use an extended ping to source from your 10.1.x.x interface. After you get the encryption domain specified properly, you should be OK, providing your tunnel sets up right.
Hi everyone, I would like to thank you in advance for any help you can provide a newcomer like myself!
Im studying the 100-105 book by Odom and am currently on the topic of Port security. I purchased a used 2960 and I'm trying to follow a...
While deploying a number of 18xx/2802/3802 model access points (APs), which run AP-COS as their operating platform. It can be observed on some occasions that while many of their access points were able to join the fabric WLC withou...
I am going to design and build an LAN network under a tunnel underground with long distance between the switches.
I will have 2 Catalyst switches and 8 Industrial IE3000, and they will be connected with fiber.
For now I am planning on use Layer-2 s...