Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Ok, so I included the interesting traffic between Branch and HQ, excluded it from NAT. There is a static NAT for the HQ Server and I included that in the interesting traffic. Checked that connectivity is working, but the Packet Tracer is kind of slow...
Did you try disabling the lifetime on the Router for kilobytes?I think that this kilobytes lifetime for Phase 2 is living only in the Cisco's world.no crypto ipsec security-association lifetime kilobytes
Yep, your NAT was the problem. I ran the simulation mode and you were not hitting the interesting traffic, because of the NAT/PAT. So, I denied the interesting traffic from NAT.Also, there was a typo for the PSK on the HQ Router.Attached is my workin...
