12-08-2021 02:30 AM
I have configured IPSEC between two routers, when I am generating traffic from PC1 to PC2 getting RTO and vice versa, and Show Crypto Session is showing UP-IDLE. Can any one help me in this regard.
Please find the below topology and configuration files
Solved! Go to Solution.
12-08-2021 05:03 AM
as cisco suggest it is discourage.
12-08-2021 03:12 AM
@himanshudwivedi please generate traffic by pinging PC2 when connected from PC1. Then provide the output of "show crypto isakmp sa" and "show crypto ipsec sa" from both routers.
12-08-2021 04:53 AM
12-08-2021 04:04 AM
change the ACL of IPSec,
1- permit 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0 <-in R1
permit 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0 <-in R2
2-no need any
3-no need deny at the end
12-08-2021 04:39 AM
Yes it worked, but I want to know the reason why it is not working on ANY..
If in case there are more that 1 subnet is R2 and I am not aware of subnet in R2 and vice versa, in that case I used ANY, why it will not work.
12-08-2021 05:03 AM
as cisco suggest it is discourage.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide