i've a problem in setting up a vpn tunnel. It is possible to send encrypted traffic from local to remote side, but the remote side is unable to access the local server.
The traffic selection for the crypto map looks like this:
crypto map outside_map 160 match address outside_160_cryptomap crypto map outside_map 160 set peer a.b.c.d crypto map outside_map 160 set transform-set ESP-3DES-SHA crypto map outside_map 160 set security-association lifetime seconds 3600 crypto map outside_map interface outside ... access-list outside_160_cryptomap extended permit ip host host access-list outside_160_cryptomap extended permit icmp any host
access-list 123 permit ip host host access-list 123 permit icmp any host
Sending data from to is working. But when trying to do a PING from one of the remote networks, i always get this in the log:
Rejecting IPSec tunnel: no matching crypto map entry for remote proxy0.0.0.0/0.0.0.0/1/0 local proxy /255.255.255.255/1/0 on interface outside
But as i understand, exactly this traffic is selected by my local access-list, isn't it?