03-18-2008 06:03 PM
Hi everyone,
I connect a Draytek router to Cisco router using VDPN. I have run "debug crypto isakmp" on our Cisco router. The SA was authenticated but the connection wasn't established. The show crypto session said the connection was DOWN-NEGOTIATING.
Do you know why it doesn't establish the connection?
Thank you very much.
Triet
03-24-2008 02:36 PM
Make sure that crypto map which allows the interesting traffic is configured right and applied to the appropriate outgoing interface to bring the tunnel up.
03-25-2008 03:59 PM
Thanks Pengke11, I can confirm the settings are correct.
03-25-2008 07:28 AM
Do you have port open 4500 i.e. for NAT-T??
Thanks,
Dharmesh
03-25-2008 04:01 PM
Dharmesh, thank you for your reply.
No I don't have port 4500 open. Why does it need to be opened?
Best regards,
Triet
04-01-2008 04:55 PM
Yes I already have port NAT-T open, just didn't realise that "non500-isakmp" is actually 4500.
04-16-2008 07:45 PM
Hi again,
I have finally had the VPN working between a Draytek and a Cisco router. Both on dynamic IP. I wrote down as a blog, check it out if you need to:
http://trietgiang.blogspot.com/2008/04/dialin-vpn-from-draytek-to-cisco.html
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide