no traffic passing through VPN between R 877 and remote Cisco VPN client

jorolas · ‎07-30-2007

Hi there, I need help trying to solve this problem up. I have no more ideas...

I have a vpn established between my router 877 and an XP in a remote network behind nat router, and running cisco vpn client software (v4.7.00.0533). Once vpn is established, I am not able to even ping from remote client any host inside my lan.

Lan: 192.168.100.0/24 vlan1 interface

Virtual Ip for remote user: 192.168.110.0-10

Pinging from remote host to local host:

If I sniff in local host, none packets are received.

If I sniff in remote host, UDPencap packets from its private Ip to my public IP are sent through real interface, so I beleive remote side configuration is well done. These udpencap packets should be nated and routed by remote router (common adsl router with no outbound restrictions) and processed by my local-vpn-gw.

If I sniff remotely in the virtual cisco vpn interface I can see icmp packets from virtual IP to private IP of my local host.

I understand that my router is detecting nat usage automatically, so shouldnt be an issue related to nat-traversal.

I have tryied to guess at least if traffic is reaching my local gw. How can I see if this udpencp packets comming from my remote vpn client are reaching at least my vpn gw?

Please, I would much apreciate some help on this....

Thanks in advance

Jorge

carenas123 · ‎08-03-2007

All IP traffic passing through the interface is evaluated against the applied crypto map set. If a crypto map entry sees outbound IP traffic that should be protected and the crypto map specifies the use of IKE, a security association is negotiated with the remote peer according to the parameters included in the crypto map entry.