cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
475
Views
0
Helpful
0
Replies
Highlighted
Beginner

IPsec tunnel through NAT not working

Hi everyone,

I'm not familiar with VPN and I am trying to setup up the first production VPN through NAT.

After all configuration following some templates for VTI the tunnel is not comming up. Connectivity is assured and I believe the log shows that.

Attached is the topology and the resulting logs. Configuration setup below. All public IP addresses first 2 octets have been replaced by 99.99

Thanks all in advance

Mario

===== RE router configuration ======

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 3600

crypto isakmp key key address 0.0.0.0       

crypto isakmp keepalive 15

!

crypto ipsec transform-set tset esp-3des esp-sha-hmac

!

crypto ipsec profile ipsecprofile

set transform-set tset

!

interface Loopback3

ip address 99.99.61.243 255.255.255.255

!

interface Tunnel0

ip address 1.1.1.1 255.255.255.0

shutdown

tunnel source Loopback3

tunnel mode ipsec ipv4

tunnel destination 99.99.58.1

tunnel protection ipsec profile ipsecprofile

===== RW router configuration ======

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

lifetime 3600

crypto isakmp key key address 0.0.0.0 0.0.0.0

crypto isakmp keepalive 15

!

!

crypto ipsec transform-set tset esp-3des esp-sha-hmac

!

crypto ipsec profile ipsecprofile

set transform-set tset

interface Loopback0

ip address 99.99.60.240 255.255.255.255

interface Tunnel0

ip address 1.1.1.2 255.255.255.0

shutdown

tunnel source GigabitEthernet0/1.14

tunnel mode ipsec ipv4

tunnel destination 99.99.61.243

tunnel protection ipsec profile ipsecprofile

!

interface GigabitEthernet0/1.14

encapsulation dot1Q 14

ip address 10.176.0.34 255.255.255.240

ip nat outside

ip virtual-reassembly in

!

Everyone's tags (5)