Re: IPsec VPN not working

xx__hh · ‎11-14-2019

I am trying to implement ipsec vpn in my network but when i type in the command show crypto isakmp sa, nothing is displayed. But when i do show run it shows the ipsec configurations on the interface as it should be. I have attached a text file containing the commands i entered to implement vpn on both routers and also a screenshot of my network. I have been stuck on this for the past few days, i would appreciate some immediate help.

Rob Ingram · ‎11-14-2019

Hi,

The configuration you provided seems ok.

How are you testing? You would need to send traffic from R1 network 192.168.4.x to R3's network 192.168.8.x to force the routers to establish a VPN tunnel.

What is the purpose of ACL 101? It would not be used in the VPN

xx__hh · ‎11-14-2019

Hi i am testing by using the show crypto isakmp sa and also by looking at
the frame in simulation mode. But everything looks normal so far.

Network Keith · ‎11-24-2019

show crypto isakmp sa will show you tunnel info once traffic is sent like so:

R5#sho cry is sa
IPv4 Crypto ISAKMP SA
dst src state conn-id status
169.254.100.5 169.254.100.2 QM_IDLE 1018 ACTIVE
169.254.100.1 169.254.100.5 QM_IDLE 1019 ACTIVE

LabFW1(config)# sho cry is sa

IKEv1 SAs:

Active SA: 1
Rekey SA: 0 (A tunnel will report 1 Active and 1 Rekey SA during rekey)
Total IKE SA: 1

1 IKE Peer: 1.1.1.3
Type : L2L Role : responder
Rekey : no State : MM_ACTIVE

Ping the encrypted traffic between both sites then check the command