cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
422
Views
0
Helpful
1
Replies

Issue with isakmp session

I have configured IPSec on basic lab but don't can pinging from source loopback0

R1#ping 50.50.50.50 source 60.60.60.60

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 50.50.50.50, timeout is 2 seconds:

Packet sent with a source address of 60.60.60.60

.....

Success rate is 0 percent (0/5)

I have to add the next command also:

crypto map MAPACIFRADO local-address Loopback0

Attach the whole configuration.

I think that how don't can to send traffic between loopbacks R1-R2 the isakmp session don't work.

R1#show crypto isakmp sa

dst             src             state          conn-id slot status

http://networkingcontrol.wordpress.com/
#CCNP CSCO11962956       

http://networkingcontrol.wordpress.com/ #CCNP CSCO11962956
1 Reply 1

Poonam Garg
Level 3
Level 3

Hello Alfredo,

Since you are using default isakmp policy for phase 1 negotiation, it uses rsa-signature for authentication of peers. You have to get digital certificate from a CA server on both the routers to authenticate each other identity also before certifiacte request synchronise time on both the routers with NTP server.