Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1511
Views
0
Helpful
2
Replies

GRE/IPSec - Debug ip packet - CEF

marcusauman
Level 1
Level 1

‎10-26-2011 08:19 AM - edited ‎03-04-2019 02:03 PM

I ran into a issue today that is bugging me. I'm running a GRE IPSec tunnel from my hub site to a spoke router. In the router I created an access list referencing the Inside global addresses on both sides of the tunnel (Running NAT) and ran debug ip packet and referenced the access list. I did not see any traffic from the access list in my log. All I saw was some crypto ipsec entries in the log which were not from my access list. Maybe my access list is wrong in referncing the Inside global addresses as the source and destination? I've also turned off CEF switching (no ip cef). IPSec is running in transport mode.

Any ideas?

Labels:
0 Helpful
2 Replies 2

Edison Ortiz
Hall of Fame
Hall of Fame

‎10-26-2011 08:41 AM

I'm having a hard time following your post. Can you post a configuration snippet and network topology?

0 Helpful

marcusauman
Level 1
Level 1
In response to Edison Ortiz

‎10-27-2011 06:38 AM

The topology is a hub and spoke configuration. A GRE/IPSec VPN tunnel from the hub to the spoke. Everything from both the hub and spoke is NATed.

Let me know if you still don't understand the topology please.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card