Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1628
Views
0
Helpful
4
Replies

Issues with IPSec VPN in Packet Tracer

Go to solution
Sam-N
Level 1
Level 1

‎12-29-2020 10:58 AM

Hello there (again)

 

Today, I've been configuring IPSec VPN over two LANs (Cafe and ACME), however upon testing (Ping and PDU) I am unable to contact hosts on each LAN. As far as I think, the configuration is correct, the default gateway is configured and extended ACLs in place. I jumped into it with little awareness/insight, so I probably have made a mistake somewhere but I'm not entirely sure. I have attached the .pkt in the latest PT version.

 

Thanks.

Labels:
ACME Topology - My Solution (VPN).zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to Georg Pauwen

‎12-29-2020 03:51 PM

Hello,

 

the file I sent you doesn't work. I think there is a flaw in Packet Tracer where only networks directly connected to the router are encrypted. To demonstrate this (file attached), I have added another network directly to the Cafe router, and changed the VPN access list to encrypt that traffic, and it works right away.

 

Is this a project, with actual requirements, or did you come up with this topology yourself ?

View solution in original post

ACME Topology - My Solution (VPN_NEW).zip
0 Helpful
4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

‎12-29-2020 01:14 PM

Hello,

 

a few things were misconfigured:

 

1. The VPN access list specified 192.168.0.0/24, that has to be 192.168.0.0/16 (in order to include all networks on the 192 side)

2. The cable between the router and the wireless router needs to be a cross cable

3. (Static) routes to the 20.x.x.x/30 networks were missing

4. The isakmp policy was incomplete

 

Attached the working file (saved in version 7.3.1).

 

 

ACME Topology - My Solution (VPN_REV).zip
0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to Georg Pauwen

‎12-29-2020 03:51 PM

Hello,

 

the file I sent you doesn't work. I think there is a flaw in Packet Tracer where only networks directly connected to the router are encrypted. To demonstrate this (file attached), I have added another network directly to the Cafe router, and changed the VPN access list to encrypt that traffic, and it works right away.

 

Is this a project, with actual requirements, or did you come up with this topology yourself ?

ACME Topology - My Solution (VPN_NEW).zip
0 Helpful

Go to solution
Sam-N
Level 1
Level 1
In response to Georg Pauwen

‎12-29-2020 04:01 PM

Thanks for your help Georg. This is a project that I'm working on myself, self teaching myself and being creative. I'm currently on my phone, so I haven't seen the pkt file yet. I'll look at it when I next get a chance.

0 Helpful

Go to solution
Sam-N
Level 1
Level 1
In response to Georg Pauwen

‎12-30-2020 05:52 AM

I looked at the pka you sent across. Thanks for that Georg. Until I get my hands on some actual Cisco equipment, I'll stick with your solution. 

0 Helpful
Customers Also Viewed These Support Documents