Site to Site vpn is up but no traffic goes thru...

SRP541 and cisco 800

Cisco 800 Config ---------------------------------------

ip source-route

ip dhcp pool quest

   network 10.10.11.0 255.255.255.0

   default-router 10.10.11.1

   dns-server 8.8.8.8 8.8.4.4

!

ip dhcp pool roadrunner

   network 192.168.1.0 255.255.255.0

   default-router 192.168.1.1

   dns-server 8.8.8.8 8.8.4.4

!        

!

ip cef

ip name-server 8.8.8.8

ip name-server 8.8.4.4

no ipv6 cef

!

!

crypto isakmp policy 1

encr 3des

hash md5

authentication pre-share

group 2 

lifetime 28800

crypto isakmp key test address xx.xx.xx.153

crypto isakmp key test1 address xx.xx.xx.24

!

!

crypto ipsec transform-set qwest esp-3des esp-md5-hmac

crypto ipsec transform-set roadrunner esp-3des esp-md5-hmac

!

crypto map maptest1 2 ipsec-isakmp

! Incomplete

!

crypto map qwest 1 ipsec-isakmp

set peer xx.xx.xx.24

set transform-set qwest

match address 100

!

crypto map roadrunner 1 ipsec-isakmp

set peer xx.xx.xx.153

set transform-set roadrunner

match address 101

!

!

interface FastEthernet0

description roadrunner

switchport access vlan 2

!

interface FastEthernet1

description roadrunner

switchport access vlan 2

!

interface FastEthernet2

description roadrunner

switchport access vlan 2

!

interface FastEthernet3

description roadrunner

switchport access vlan 2

!

interface FastEthernet4

description qwest

!

interface FastEthernet5

description qwest

!

interface FastEthernet6

description qwest

!

interface FastEthernet7

description qwest

!

interface FastEthernet8

description qwest connection

no ip address

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

pppoe enable group global

pppoe-client dial-pool-number 1

!

interface GigabitEthernet0

description roadrunner connection

ip address xx.xx.xx.134 255.255.255.252

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

crypto map roadrunner

!

interface Vlan1

description quest

ip address 10.10.11.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan2

description roadrunner

ip address 192.168.1.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!        

interface Async1

no ip address

encapsulation slip

!

interface Dialer1

ip address negotiated

ip mtu 1492

ip nat outside

ip virtual-reassembly

encapsulation ppp

ip tcp adjust-mss 1452

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname xxxxx

ppp chap password 0 xxxxxx

crypto map qwest

!

ip forward-protocol nd

no ip http server

no ip http secure-server

!

!        

ip nat inside source list nat interface Dialer1 overload

ip nat inside source list nat1 interface GigabitEthernet0 overload

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 GigabitEthernet0

!

ip access-list extended nat

permit ip 10.10.11.0 0.0.0.255 any

deny   ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255

ip access-list extended nat1

deny   ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255

permit ip 192.168.1.0 0.0.0.255 any

!

access-list 1 permit 10.10.11.0 0.0.0.255

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 100 remark maptest1 category=4

access-list 100 remark IPSec Rule

access-list 100 permit ip 10.10.11.0 0.0.0.255 10.10.10.0 0.0.0.255

access-list 101 remark maptest1 category=4

access-list 101 remark IPSec Rule

access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255

dialer-list 1 protocol ip permit

------------------------------------

pictures for the SRP are provided...