Hi,
Two sites (A & B) are interconnected with an ipsec tunnel and there're two networks configured under the same crypto acl.
ip access-list extended vpnams1-vpnbud1 permit ip host 210.81.15.112 10.10.0.0 0.0.255.255
Hello,
Please post the crypto-map settings and the isakmp lines for both router. I might help you.
Cheers,
R.
Hi,
Here's two routers crypto map & isakmp profile setting :
RouterA -- crypto isakmp policy 30 encr 3des authentication pre-share group 2 ! crypto ipsec transform-set esp-3des-sha esp-3des esp-sha-hmac ! ! crypto map RouterA local-address FastEthernet0/0 crypto map RouterA 1 ipsec-isakmp set peer x.x.x.x set transform-set esp-3des-sha match address RouterA-RouterB ! ip access-list extended RouterA-RouterB permit ip host 210.81.15.112 10.10.0.0 0.0.255.255 permit ip host 210.81.15.112 172.16.128.0 0.0.0.63
RouterB - crypto isakmp policy 20 encr 3des authenticati> >
Hi,
I had cases where the order of the acl faced issues when it was not in line. So, put the access-list on both routers in line. It might help.
Cheers,
R.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.