Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1009
Views
0
Helpful
2
Replies

EzVPN w/ 2811 & CCP, clients received 0 packets

a3948692
Level 1
Level 1

‎11-12-2010 10:23 PM

Hi all,

I've tried to create a EzVPN server on my 2811 router, I've try many options and try to clear firewall settings.

Clients can connect, with CISCO VPN Client 5.007.0290, but they allways not receiving 0 packets.

CCP version is 2.3, and IOS is 2800 advanced ip service, 150-1.M4. , also i've try 124-15.T12

any comment is appreciated

update: I've recreated a vpn from a "fresh" config. removed "dpd" now iphone client can login but like pc clients, 0 packets received.

enclosed is the new config and the "sh crypt ipsec sa" result.

Labels:
75198-show cryp ipsec sa.zip
75199-new config.zip
0 Helpful
2 Replies 2

lgijssel
Level 9
Level 9

‎11-13-2010 12:41 AM

First of all, you do not need the secondary ip addresses on your public interface:

ip address x.x.x.85 255.255.255.240 secondary

ip address x.x.x.86 255.255.255.240 secondary

ip address x.x.x.87 255.255.255.240 secondary

ip address x.x.x.88 255.255.255.240 secondary

Also, take note that EzVPN encapsulates ESP in UDP (to allow nat).

Therefore, acl's matching esp are possibly not correct.

regards,

Leo

0 Helpful

a3948692
Level 1
Level 1
In response to lgijssel

‎11-13-2010 07:13 AM

thanks, i've just post update config/results above.

0 Helpful
Customers Also Viewed These Support Documents