09-14-2015 08:20 AM
Hi,
I have two offices (main and branch), each with a Cisco 887 router (15.3 with sec+ k9 IOS).
I have configured a client VPN (working with no problems at all) and a site-to-site VPN.
The tunnel between the main and branch sites is up (according to sh cry session and sh crypto isakmp sa), but I can't send traffic from site to site and the tunnel status is always "UP-IDLE".
(IP addresses removed)
MAIN SITE
Interface: Dialer0
Session status: UP-IDLE
Peer: BRANCH IP port 500
Session ID: 0
IKEv1 SA: local Active
IPSEC FLOW: permit ip 10.0.0.0/255.255.255.0 192.168.1.0/255.255.255.0
Active SAs: 0, origin: crypto map
IPv4 Crypto ISAKMP SA
dst src state conn-id status
QM_IDLE 2009 ACTIVE
interface: Dialer0
Crypto map tag: clientmap, local addr
protected vrf: (none)
local ident (addr/mask/prot/port): (10.0.0.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
current_peer port 500
PERMIT, flags={origin_is_acl,ipsec_sa_request_sent}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 458, #recv errors 0
local crypto endpt.: , remote crypto endpt.:
plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb Dialer0
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
BRANCH
Interface: Dialer0
Session status: UP-IDLE
Peer: MAIN IP port 500
Session ID: 0
IKEv1 SA: local Active
IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 10.0.0.0/255.255.255.0
Active SAs: 0, origin: crypto map
sh crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
QM_IDLE 2012 ACTIVE
sh crypto ipsec sa
interface: Dialer0
Crypto map tag: clientmap, local addr
protected vrf: (none)
local ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
remote ident (addr/mask/prot/port): (10.0.0.0/255.255.255.0/0/0)
current_peer 79.0.238.28 port 500
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0
#pkts not decompressed: 0, #pkts decompress failed: 0
#send errors 30, #recv errors 0
local crypto endpt.: , remote crypto endpt.:
plaintext mtu 1500, path mtu 1500, ip mtu 1500, ip mtu idb Dialer0
current outbound spi: 0x0(0)
PFS (Y/N): N, DH group: none
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
I have attached both sh run configs.
I don't see any problem with either the peer or the ACL configuration for NAT and traffic.
Thanks for any help.