I configured a site-to-site vpn with private ip inside and it function properly. Then I tested it with public ip inside and I got an error message
IPSEC (sa_initiate) : ACL = no sa created
The only thing what I have changed is the access-list command
access-list 100 permit ip 10.10.10.0 255.255.255.0 10.10.11.0 255.255.255.0
in
access-list 100 permit ip 111.111.111.0 255.255.255.0 200.200.200.0 255.255.255.0
and the ip address at inside interfaces.
I use 3DES, SHA, DH=1 and PSK for phase1 and 3DES, SHA for phase2
What´s going wrong?
Regards
Helmut