cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
909
Views
0
Helpful
2
Replies

EzVPN w/ 2811 & CCP, clients received 0 packets

a3948692
Level 1
Level 1

Hi all,

I've tried to create a EzVPN server on my 2811 router, I've try many options and try to clear firewall settings.

Clients can connect, with CISCO VPN Client 5.007.0290, but they allways not receiving 0 packets.

CCP version is 2.3, and IOS is 2800 advanced ip service, 150-1.M4. , also i've try 124-15.T12

any comment is appreciated

update: I've recreated a vpn from a "fresh" config. removed "dpd" now iphone client can login but like pc clients, 0 packets received.

enclosed is the new config and the "sh crypt ipsec sa" result.

2 Replies 2

lgijssel
Level 9
Level 9

First of all, you do not need the secondary ip addresses on your public interface:

ip address x.x.x.85 255.255.255.240 secondary

ip address x.x.x.86 255.255.255.240 secondary

ip address x.x.x.87 255.255.255.240 secondary

ip address x.x.x.88 255.255.255.240 secondary

Also, take note that EzVPN encapsulates ESP in UDP (to allow nat).

Therefore, acl's matching esp are possibly not correct.

regards,

Leo

thanks, i've just post update config/results above.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: