Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1220
Views
0
Helpful
3
Replies

Crypto Access-list is not fully utilizing in site-to-site VPN

kashifglobal12
Level 1
Level 1

‎02-27-2020 02:09 AM

Dear Concern,

 

I am using access-list containing Source ip 192.168.101.8 and 101.43 and Destination Ip 192.168.102.93. In phase 2 what i am seeing is that phase 2 tunnel is established only between 192.168.101.8 and 192.168.102.93 and not between  192.168.101.43 and 192.18.102.93.

 

Kindly help.

0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎02-27-2020 03:34 AM

Have you presented the VPN device with interesting traffic from the unused address pairs? An IPsec security association will only be formed (and kept up) in the event of interesting traffic.

0 Helpful

kashifglobal12
Level 1
Level 1
In response to Marvin Rhoads

‎02-27-2020 03:42 AM

Have you presented the VPN device with interesting traffic from the unused
address pairs? Sir didn't get you... I have configured same interesting
traffic on both sides....
0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to kashifglobal12

‎02-27-2020 03:50 AM

When we say "interesting traffic" we mean actual packets flowing  on the network from the defined source address(es) to the defined destination address(es).

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card