Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1526
Views
0
Helpful
2
Replies

packet tracer type vpn subtype encrypt result DROP

clark white
Level 2
Level 2

‎09-19-2017 04:59 AM - edited ‎02-21-2020 06:19 AM

Dears

i have a L2L vpn from branch to HQ and everthing works fine i am adding a new subnet in the vpn access-list exactly as per the cisco recommendation mirror access-list on both ends, But still the connection to the ISE server on port 1645 fails my branch switches are not able to reach the ISE server in HQ.

The strange part is the packet-tracer some time shows me results all ok and within a seconds if i run again it shows me vpn encrypt packet drop.

 

Please find the attached packet tracer output.

 

 

 

 

Labels:
resutls drop & pass.txt
Preview file
7 KB
0 Helpful
2 Replies 2

Flavio Miranda
VIP
VIP

‎09-19-2017 07:42 PM

Hello,

 Should be nice if you put firewall config here. Only one question, does Firewall has route to the new subneteork?

0 Helpful

clark white
Level 2
Level 2
In response to Flavio Miranda

‎09-20-2017 12:18 PM

i can paste the config but i  have routes pretty sure for that

0 Helpful
Review Cisco Networking for a $25 gift card
Top