CISCO VPN site to site

I have a problem connecting a CISCO 887 9 VA-WE-K VPN modem/router to a CISCO WRV210. My internal networks work well, as do the ADSL connections.

I can create a VPN connection between the two routers: on the WRV210, the state of the tunnel is shown as connected (no error message in the log). However, they do not communicate. When I try to ping the other internal network from the 887 router, it does not work, and vice versa.

Here is my configuration CISCO 887:

Building configuration...

Current configuration : 2989 bytes
!
! Last configuration change at 15:08:03 UTC Sun Nov 18 2012
! NVRAM config last updated at 00:04:33 UTC Sun Nov 18 2012
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname LEHAVRE
!
boot-start-marker
boot-end-marker
!
!
enable secret 5 XXXXXXXX
enable password 7 XXXXXXXX
!
no aaa new-model
crypto pki token default removal timeout 0
!
!
ip source-route
ip cef
!
!
!
ip dhcp excluded-address 192.168.1.103
!
ip dhcp pool DHCP_LEHAVRE
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.103
 dns-server 192.168.10.103
 domain-name lehavre.local
!
!
ip domain name lehavre.local
no ipv6 cef
!
!
license udi pid C887VA-W-E-K9 sn FCZ1644C0U0
!
!
username LeHavre privilege 15 secret 4 XXXXXXXX
!
!
!
!
controller VDSL 0
!
ip ssh version 2
!
!
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
 lifetime 28800
crypto isakmp key XXXXXXXX address 82.101.5.XXX
!
!
crypto ipsec transform-set TS esp-3des esp-md5-hmac
!
crypto map CMAP 10 ipsec-isakmp
 set peer 82.101.5.XXX
 set transform-set TS
 match address VPN-TRAFFIC
!
!
!
!
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
!
interface ATM0.1 point-to-point
 crypto map CMAP
 pvc 8/35
  pppoe-client dial-pool-number 1
 !
!
interface Ethernet0
 no ip address
 shutdown
 no fair-queue
!
interface FastEthernet0
 no ip address
!
interface FastEthernet1
 no ip address
 shutdown
!
interface FastEthernet2
 no ip address
 shutdown
!
interface FastEthernet3
 no ip address
 shutdown
!
interface Wlan-GigabitEthernet0
 description Internal switch interface connecting to the embedded AP
 no ip address
!
interface wlan-ap0
 description Embedded Service module interface to manage the embedded AP
 no ip address
 shutdown
!
interface Vlan1
 ip address 192.168.10.103 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 ip tcp adjust-mss 1412
!
interface Dialer0
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly in
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication chap callin
 ppp chap hostname fti/XXXXXXX
 ppp chap password 7 XXXXXXXX
 ppp ipcp dns request
 ppp ipcp route default
 crypto map CMAP
!
no ip forward-protocol nd
ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface Dialer0 overload
ip route 0.0.0.0 0.0.0.0 Dialer0
!
ip access-list extended VPN-TRAFFIC
 permit ip 192.168.10.0 0.0.0.255 192.168.101.0 0.0.0.255
!
access-list 1 permit any

dialer-list 1 protocol ip permit

!
!
!
!
snmp-server community public RO
!
line con 0
 password 7 XXXXXXX
 login
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
 stopbits 1
line vty 0 4
 password 7 XXXXXXXXX
 login local
 transport input ssh
!
scheduler allocate 20000 1000
end

Info :

LEHAVRE#show crypto isakmp sa
IPv4 Crypto ISAKMP SA
dst             src             state          conn-id status
92.132.127.XXX   82.101.5.XXX    QM_IDLE           2013 ACTIVE

IPv6 Crypto ISAKMP SA 

A little help will be welcome. Thank you VERY MUCH in advance.

2 Replies

Solution :

ip access-list extended PERMIT-NAT
 deny   ip 192.168.10.0 0.0.0.255 192.168.101.0 0.0.0.255
 permit ip 192.168.10.0 0.0.0.255 any
!
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
!
route-map SDM_RMAP_1 permit 1
 match ip address PERMIT-NAT
!
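
Why the change above matters: on IOS, inside-to-outside NAT is applied before the crypto map ACL is evaluated, so with `access-list 1 permit any` the LAN-to-LAN packets were translated and no longer matched VPN-TRAFFIC. The Python check below is an added example, not part of the original thread; it replays that first-match logic over constructed excerpts of the two configurations. Function names are hypothetical and only contiguous wildcard masks are handled.

```python
import ipaddress
import re

# Constructed input: only the NAT and crypto ACL lines quoted in the thread.
CRYPTO = ("ip access-list extended VPN-TRAFFIC\n"
          " permit ip 192.168.10.0 0.0.0.255 192.168.101.0 0.0.0.255\n")
BEFORE = CRYPTO + """ip nat inside source list 1 interface Dialer0 overload
access-list 1 permit any
"""
AFTER = CRYPTO + """ip access-list extended PERMIT-NAT
 deny   ip 192.168.10.0 0.0.0.255 192.168.101.0 0.0.0.255
 permit ip 192.168.10.0 0.0.0.255 any
ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
route-map SDM_RMAP_1 permit 1
 match ip address PERMIT-NAT
"""

def _net(tok):  # pops 'any' or 'ADDR WILDCARD' (contiguous wildcards only)
    first = tok.pop(0)
    return ipaddress.ip_network("0.0.0.0/0" if first == "any" else f"{first}/{tok.pop(0)}")

def parse_acls(cfg):  # -> {acl_name: [(action, src_net, dst_net), ...]}
    acls, cur = {}, None
    for line in cfg.splitlines():
        t = line.split()
        if not line.startswith(" "):  # any top-level line ends the current ACL block
            cur = acls.setdefault(t[3], []) if line.startswith("ip access-list") else None
        if line.startswith("access-list"):  # numbered standard ACL: source only
            acls.setdefault(t[1], []).append((t[2], _net(t[3:]), _net(["any"])))
        elif cur is not None and t and t[0] in ("permit", "deny"):
            rest = t[2:]  # drop action and protocol; src is popped first, then dst
            cur.append((t[0], _net(rest), _net(rest)))
    return acls

def nat_acl_name(cfg):  # ACL behind 'ip nat inside source', directly or via route-map
    kind, name = re.search(r"^ip nat inside source (list|route-map) (\S+)", cfg, re.M).groups()
    if kind == "route-map":
        pat = rf"^route-map {re.escape(name)} permit \d+\n match ip address (\S+)"
        name = re.search(pat, cfg, re.M).group(1)
    return name

def vpn_flows_translated(cfg, crypto_acl="VPN-TRAFFIC"):
    """Crypto-ACL permits that NAT would translate; tests the first host of each prefix."""
    acls, hits = parse_acls(cfg), []
    nat = acls[nat_acl_name(cfg)]
    for action, s, d in acls[crypto_acl]:
        verdict = next((a for a, ns, nd in nat if s[1] in ns and d[1] in nd), "deny")
        if action == verdict == "permit":  # "deny" default models the implicit deny
            hits.append(f"{s} -> {d}")
    return hits
```

`vpn_flows_translated(BEFORE)` reports the 192.168.10.0/24 to 192.168.101.0/24 flow as translated, while `vpn_flows_translated(AFTER)` returns an empty list because the `deny` entry in PERMIT-NAT exempts it from NAT.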

Great job

Please mark this one as solved, so others could learn from it.

Thanks.