
No traffic through VPN


    Gomjaba

    I have set up an IPSec VPN between a SonicWall and my ADSL Cisco 877.

    The VPN comes up immediately but I can’t seem to be able to pass traffic in either direction, ping or otherwise.

    Every port is open on the Sonic, from any Zone to VPN and vice versa, so I have the sneaky suspicion that my Cisco box isn’t configured properly.

    Maybe someone here has an idea. Here is the relevant config:

    Code:
    password encryption aes
    !

    crypto isakmp policy 5
    encr 3des
    authentication pre-share
    group 2
    lifetime 28800
    crypto isakmp key 6 xxx address xx.xxx.xxx.xx
    !
    !
    crypto ipsec transform-set STRONG esp-3des esp-sha-hmac
    crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
    !
    crypto map SDM_CMAP_1 1 ipsec-isakmp
    description Tunnel toxx.xxx.xxx.xx
    set peer xx.xxx.xxx.xx
    set transform-set ESP-3DES-SHA
    match address 100
    !

    interface Dialer0
    bandwidth inherit
    ip address negotiated
    no ip redirects
    no ip unreachables
    ip nat outside
    ip virtual-reassembly
    dialer pool 1
    dialer-group 1
    crypto map SDM_CMAP_1
    ip rtp header-compression iphc-format
    !
    ip nat inside source static tcp 192.168.13.240 3389 interface Dialer0 3389
    ip nat inside source route-map SDM_RMAP_1 interface Dialer0 overload
    !
    logging 192.168.13.240
    access-list 1 permit 192.168.13.0 0.0.0.255
    access-list 23 permit yy.yyy.yyy.yyy
    access-list 23 permit tt.ttt.tt.ttt
    access-list 23 permit uu.uu.uuu.uu
    access-list 23 permit qq.qqq.qq.qq
    access-list 23 permit xx.xxx.xxx.xx
    access-list 23 permit ee.eee.eee.ee
    access-list 23 permit 192.168.13.0 0.0.0.255
    access-list 100 remark Traffic via VPN
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.9.0 0.0.0.255
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.10.0 0.0.1.255
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.2.0 0.0.0.255
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.4.0 0.0.0.255
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.16.0 0.0.15.255
    access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.32.0 0.0.15.255
    access-list 102 remark Traffic via ADSL
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.9.0 0.0.0.255
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.10.0 0.0.1.255
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.2.0 0.0.0.255
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.4.0 0.0.0.255
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.16.0 0.0.15.255
    access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.32.0 0.0.15.255
    access-list 102 permit ip 192.168.13.0 0.0.0.255 any
    dialer-list 1 protocol ip permit
    !
    !
    route-map SDM_RMAP_1 permit 1
    match ip address 102
    !

    Any help is appreciated
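
A consistency check for the two access lists in the configuration above, added here as an example and not part of the original post: it verifies that every flow permitted by the crypto-map ACL (100) is denied by the NAT route-map ACL (102) before its final permit, so tunnel traffic is not translated. Function names are illustrative, and the ACL lines are copied from the post as sample input.

```python
import ipaddress
import re

# Sample input: ACL 100 (crypto map) and ACL 102 (NAT route-map) lines from the post.
CONFIG = """\
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.9.0 0.0.0.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.10.0 0.0.1.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.16.0 0.0.15.255
access-list 100 permit ip 192.168.13.0 0.0.0.255 192.168.32.0 0.0.15.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.9.0 0.0.0.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.10.0 0.0.1.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.4.0 0.0.0.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.16.0 0.0.15.255
access-list 102 deny ip 192.168.13.0 0.0.0.255 192.168.32.0 0.0.15.255
access-list 102 permit ip 192.168.13.0 0.0.0.255 any
"""

ACE = re.compile(r"access-list (\d+) (permit|deny) ip (\S+) (\S+) (?:any|(\S+) (\S+))$")

def network(addr, wildcard):
    """IOS address/wildcard pair -> ip_network; ValueError if misaligned or non-contiguous."""
    mask = ipaddress.IPv4Address(int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF)
    return ipaddress.ip_network(f"{addr}/{mask}")

def parse(config):
    acls = {}
    for line in config.splitlines():
        m = ACE.match(line.strip())
        if m:
            num, action, src, swc, dst, dwc = m.groups()
            dstnet = network(dst, dwc) if dst else ipaddress.ip_network("0.0.0.0/0")
            acls.setdefault(num, []).append((action, network(src, swc), dstnet))
    return acls

def first_match(aces, src, dst):
    """Action of the first ACE that fully covers src -> dst; implicit deny otherwise."""
    for action, s, d in aces:
        if src.subnet_of(s) and dst.subnet_of(d):
            return action
    return "deny"

def nat_leaks(acls, crypto="100", nat="102"):
    """Crypto-ACL flows that the NAT ACL would still permit, i.e. translate."""
    nat_aces = acls.get(nat, [])
    return [(s, d) for action, s, d in acls.get(crypto, [])
            if action == "permit" and first_match(nat_aces, s, d) == "permit"]

LEAKS = nat_leaks(parse(CONFIG))  # [] for the ACLs as posted
```

An empty result means the NAT exemption mirrors the crypto ACL on this router; the check says nothing about the peer's matching network definitions.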
