We are in the process of implementing DMVPN hub and spoke solution.
We have configured a hub and are now trying to connect a remote spoke between client’s remote locations. The client has a Verizon router in front of the spoke. Somehow I am not able to ping the hub's internal network. I am able to ping hub's internal interface. EIGRP neighbor adjacency between hub and spoke is there. I checked Crypto ISAKMP is there. I can see all the internal routes of the hub on the spoke. On the other hand, when I connected the spoke from my home network to the hub, just for testing purposes, everything is working fine. When I took the spoke to the remote location and plugged it in front of the Verison DSL modem and router, I don't know why I am not able to ping internal network. I suspect that Verison has blocked VPN ports. Any ideas?
Are you NAT'ing on the ADSL routers for VPN ports for the DMVPN Spokes? Or do you have a routed public IP configured on the DMVPN spoke?
Sent from Cisco Technical Support iPhone App
No I am getting spoke external interface ip from verison modem+router . Which is 192.168.1.X. I put this ip address to the DMZ zone that won't fix the problem either.
can you post your config - especially your crypto stuff.
Are you using crypto maps or VTI ( tunnel protection)
Can you test if you have connection when you take off the ipsec config so basically then your not encrypting the traffic
( require both sides )
if crypto maps is the network to be encrypted specified?