cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
800
Views
0
Helpful
4
Replies

Site-2-Site VPN issue

Dear Netpro Gurus,

Does an upstream router with IOS 15 have a role in not allowing s2s vpn

traffic from an ASA 5520 to pass through. If that is the case then how to fix it.

Regards

Faiz

1 Accepted Solution

Accepted Solutions

Nothing needs to be done for pass through VPN traffic as far as licensing is concern on IOS 15.0.

If you are actually terminating the IPSec VPN tunnel on the IOS 15.0 router, then yes, you would need to have the K9 Security license, but for pass through traffic, there is no extra license required.

View solution in original post

4 Replies 4

Jennifer Halim
Cisco Employee
Cisco Employee

It really depends on what configuration you have on the IOS 15 router.

Any CBAC, or ZBFW, or NAT, or access-list that might be blocking the traffic S2S VPN traffic?

You might want to check the following protocols:

- UDP/500

- ESP procotocl

- UDP/4500

There is no access list related to any services. what I meant was whether the new 15.0 IOS itself is not allowing the

VPN traffic. I was having a thought that maybe it needs a licensing Key to unlock the VPN cabability and allow VPN traffic to pass through.

Regards

Faiz

Nothing needs to be done for pass through VPN traffic as far as licensing is concern on IOS 15.0.

If you are actually terminating the IPSec VPN tunnel on the IOS 15.0 router, then yes, you would need to have the K9 Security license, but for pass through traffic, there is no extra license required.

Thank you very much, appreciated your time and answer.