Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
716
Views
0
Helpful
1
Replies

IPSEC TUNNEL SHOW ACTIVE BUT TRAFFICE NOT FLOWING

HARIS_HUSSAIN
VIP Alumni
VIP Alumni

‎04-21-2019 03:00 AM - edited ‎02-21-2020 09:37 PM

I have a test setup with CSR1 and CSR2 connected via the dummy Internet. as below

CSR1.PNG

 

When i Configure Tunnel mode to be GRE ip everything work I am able to ping between routers and also the tunnel interface.

But if i set tunnel mode ipsec ipv4 it stops working. Can any one help here.

Attached configuration ofr CSR1 and CSR2

 

 

 

Labels:
LOG.zip
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎04-21-2019 04:14 AM

Hi,
I have previously tested OSPF with VTI (tunnel mode ipsec ipv4) and it does work. Can you confirm what doesn't work, do you mean the IKEv2 and IPSec SA are not formed or the OSPF adjacency isn't established?

I noticed you have different MTU on your tunnel interfaces, make them the same value - this could stop OSPF adjacency forming.

HTH
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents