Site to Site VPN on Cisco 2900 Router - PowerPoint PPT Presentation

About This Presentation
Title:

Site to Site VPN on Cisco 2900 Router

Description:

Site to Site VPN on Cisco 2900 Router, the question and solution – PowerPoint PPT presentation

Number of Views:250

less

Transcript and Presenter's Notes

Title: Site to Site VPN on Cisco 2900 Router


1
Site to Site VPN on Cisco 2900 Router
2
Site to Site VPN on Cisco 2900 Router
  • I am facing a very big problem with site to site
    vpn on cisco 2900 ios.
  • I configured the vpn and when i ping from router
    itself to destination ip with
  • source as lan interface , VPN works, no problem.
  • but when i connect any computer directly to
    router's lan interface to initiate
  • traffic , it doesnot work at all. and on
    computer's lan i see yeloow sign.
  • mtu is 1500, speed is auto (i tried chaging also)
    , duplex is auto ( i tried
  • changing also) , thoguh firewall on pc should not
    affect but still i disabled it.
  • since their is no problem with vpn config as vpn
    comes up when i initiate ping
  • from router itself but i dont know why it is not
    working from lan.
  • Do we need any inspect icmp on this router also ?
    or any policy modification to pass
  • traffic across the interfac on router is required
    ?
  • I was useinf c2900k9-15.0(M4).bin and i upgraded
    it to 15.3 which is lated to get reed of
  • any bug.
  • Lastly, I connected two laptops directly to
    router's gi0/0, g0/1 interface to ping from one
  • laptop to another but this also did not work.

3
The solution
  • You will need to configure that lan network as
    interesting traffic for the VPN, you can use the
    access list for this. what is the scenario for
    those two laptops? are they on the same subnet?
    different subnet? have you configured the default
    gateway? have you configured any static routes?

4
Then you have the result as below
  • 1 Lan network is configured as interesting ,
    and whatever ip I put on router's lan interface
    from that subnet and initiate the traffic to
    other site VPN works. but when i put the same on
    any computer in the lan , it does not now,
    present -
  • 2 laptop A(192.168.1.10)---------g0/1(192.168.
    1.1)router(g0/1-10.0.0.1)-------10.0.0.10lapto B
  • 3 laptop A is not able to ping laptop B ,
    when i do "debug ip icmp" and initiate traffic
    from laptop A , i do not see anything however
    when i initiate ping from router "ping 10.0.0.10
    source g0/1" it works and i see debugs.

5
  • And You have to use crossover cable if you
    connect PC directly to the router. If each laptop
    can ping corresponding router interface, and the
    gateways of that laptops set to be those
    interfaces' IPs, everything should work fine.

6
About 3Anetwork
  • 3Anetwork.com is a world leading Cisco networking
    products wholesaler, we wholesale original new
    Cisco networking equipments, including Cisco
    Catalyst switches, Cisco routers, Cisco
    firewalls, Cisco wireless products, Cisco modules
    and interface cards products at competitive price
    and ship to worldwide.
  • Our website http//www.3anetwork.com
  • Telephone 852-3069-7733
  • Email  info_at_3Anetwork.com
  • Address 23/F Lucky Plaza, 315-321 Lockhart Road,
    Wanchai, Hongkong
Write a Comment
User Comments (0)
About PowerShow.com