[c-nsp] IPSec tunnel up but no Traffic

Voll, Scott Scott.Voll at wesd.org
Wed Jun 6 13:36:07 EDT 2007 

Disregard.... my ACL was bad.

Scott

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Voll, Scott
Sent: Wednesday, June 06, 2007 10:07 AM
To: Scott Granados; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] IPSec tunnel up but no Traffic

2801 config below.  I don't think it's on the concentrator side as I've
done other Lan-to-Lan's on them without problems.

Scott
!
!
crypto isakmp policy 10
 encr aes 256
 authentication pre-share
 group 2
crypto isakmp key 6 ####### address a.b.c.41
!
crypto ipsec security-association lifetime seconds 86400
!
crypto ipsec transform-set vpn esp-aes 256 esp-md5-hmac
!
crypto map PittockVoice 100 ipsec-isakmp
 set peer a.b.c.41
 set transform-set vpn
 match address 130
!
!
!
!
interface FastEthernet0/0
 ip address a.b.c.34 255.255.255.224
 ip pim sparse-dense-mode
 duplex auto
 speed auto
 crypto map PittockVoice
!
interface FastEthernet0/1
 ip address a.b.c.9 255.255.255.252
 ip pim sparse-dense-mode
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 a.b.c.33
!
!
!

access-list 130 permit ip a.b.c.8 0.0.0.3 10.0.0.0 0.0.0.255 <--
ethernet 0/1 network to inside network of concentrator

!
!
!

-----Original Message-----
From: Scott Granados [mailto:gsgranados at comcast.net] 
Sent: Wednesday, June 06, 2007 9:57 AM
To: Voll, Scott; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] IPSec tunnel up but no Traffic

Can you post the related parts of the configs you're using.  I recently
went 
down this road and it might help.
----- Original Message ----- 
From: "Voll, Scott" <Scott.Voll at wesd.org>
To: <cisco-nsp at puck.nether.net>
Sent: Wednesday, June 06, 2007 9:47 AM
Subject: [c-nsp] IPSec tunnel up but no Traffic


>I have a 2801 setup to a VPN Concentrator 3005 setup using a IPSec
> tunnel.
>
>
>
> Everything looks like the tunnel is up.... But no traffic is passing
> through the tunnel.  Any idea where to start troubleshooting?
>
>
>
> Thanks
>
>
>
> Scott
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/ 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list