Can anyone help with an IPSEC VPN problem on an 828?
I've got two 828s and I'm trying to set up a tunnel between them. I've copied commands to do the tunnel from an 837 config that works fine (on an 837!). The
828s connect to the Internet fine but when I ping from one network to the other the tunnel simply doesn't attempt to connect. "debug crypto isakmp" produces no output so the tunnel isn't even attempting to negotiate. "debug ip packet 120" does produce output when you ping from one network to the other, so the ACL that specifies tunnel traffic is correct. However the routers behave as if no tunnel has been configured.I've attached both configs below, and I'd be grateful if anyone can spot what I've missed. I recall that on the 837 there were so settings that weren't obvious, for example you needed "no ip mroute-cache" and "hold-queue 100 out" in the Ethernet0 interface config. I wonder if there is some equally non-obvious setting I've missed for the 828.
BTW I've checked the peer IP addresses and they're correct. But even if they weren't shouldn't "debug crypto isakmp" produce some output?
Thanks,
John Rennie
-----8