Hi i have a voice setup main office in dubai and brach office in Nigeria
Connected via vpn router The person who configured VPN That time it was only one voice vlan 100 (192.168.17.0)
Later because of ip for vlan 100 is over i created new VLAN 75 (192.168.75.0) but the voice call to nigeria who is having vlan 75 is not going.
I checked the VPN ROUTER put the access list as simila which is given for vlan 100 to vlan 75 . But still its not going .
When i do a ping from core switch
ping 192.168.27.1 source vlan 75 (ip on the nigeria uc560) not pinging
ping 192.168.27.1 source vlan 100 its pinging .
Iam not much good in Routing and access lists VPN thinks . can any body look in to the vpn router config , core switch config , uc560 in nigira site .
Can any body give what extra comman i should inculede in which device
You need also to modify the ACL 180 on UC560 associated with cryptomap :
access-list 180 permit ip 192.168.22.0 0.0.0.255 192.168.96.0 0.0.15.255
access-list 180 permit ip 192.168.22.0 0.0.0.255 192.168.75.0 0.0.0.255 ! missed line
With this ACL you define that traffic from 192.168.22.0 0.0.0.255 to 192.168.75.0 0.0.0.255 and viceversa is encrypted traffic.
You can verify also with a show crypto ipsec sa