10-26-2011 08:19 AM - edited 03-04-2019 02:03 PM
I ran into an issue today that is bugging me. I'm running a GRE IPSec tunnel from my hub site to a spoke router. In the router I created an access list referencing the Inside global addresses on both sides of the tunnel (Running NAT) and ran debug ip packet and referenced the access list. I did not see any traffic from the access list in my log. All I saw was some crypto ipsec entries in the log which were not from my access list. Maybe my access list is wrong in referencing the Inside global addresses as the source and destination? I've also turned off CEF switching (no ip cef). IPSec is running in transport mode.
Any ideas?
10-26-2011 08:41 AM
I'm having a hard time following your post. Can you post a configuration snippet and network topology?
10-27-2011 06:38 AM
The topology is a hub and spoke configuration. A GRE/IPSec VPN tunnel from the hub to the spoke. Everything from both the hub and spoke is NATed.
Let me know if you still don't understand the topology please.