VPN connection OK but not soumana ping on the ROUTER before the VPN ROUTER

Hello

In my test harness, that I am able to connect my CISCO ROUTER with VPN CLIENT and I can ping it also, but when I try to ping something thing on the other router, don't worry, I may be an isue ACL?

Any help is welcome

Here below the script and configuration:

PC (VPN CLIENT)-> C2691 (IPSec VPN)-> C1841(IP 192.168.10.1)

Router ipsec crypto #sh her

Interface: FastEthernet0/0
Tag crypto map: clientmap, local addr 172.18.124.1

protégé of the vrf: (none)
local ident (addr, mask, prot, port): (0.0.0.0/0.0.0.0/0/0)
Remote ident (addr, mask, prot, port): (14.1.1.106/255.255.255.255/0/0)
current_peer 172.18.124.2 port 500
LICENCE, flags is {}
#pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
#pkts decaps: 59, #pkts decrypt: 59, #pkts check: 59
compressed #pkts: 0, unzipped #pkts: 0
#pkts uncompressed: 0, #pkts compr. has failed: 0
#pkts not unpacked: 0, #pkts decompress failed: 0
Errors #send 0, #recv 0 errors

local crypto endpt. : 172.18.124.1, remote Start crypto. : 172.18.124.2
Path mtu 1500, ip mtu 1500
current outbound SPI: 0xE9640C2B (3915648043)

SAS of the esp on arrival:
SPI: 0xE23C352 (237224786)
transform: esp-3des esp-sha-hmac.
running parameters = {Tunnel}
Conn ID: 2002, flow_id: SW:2, crypto card: clientmap
calendar of his: service life remaining (k/s) key: (4462659/3582)
Size IV: 8 bytes
support for replay detection: Y
Status: ACTIVE

the arrival ah sas:

SAS of the CFP on arrival:

outgoing esp sas:
SPI: 0xE9640C2B (3915648043)
transform: esp-3des esp-sha-hmac.
running parameters = {Tunnel}
Conn ID: 2003, flow_id: SW:3, crypto card: clientmap
calendar of his: service life remaining (k/s) key: (4462669/3579)
Size IV: 8 bytes
support for replay detection: Y
Status: ACTIVE

outgoing ah sas:

outgoing CFP sas:
Router #.

Router #sh card crypto
"Clientmap" ipsec-isakmp crypto map 10
Dynamic map template tag: dynmap

"Clientmap" 65536 ipsec-isakmp crypto map
Peer = 172.18.124.2
Extended IP access list
ip access list allow any host 14.1.1.106
dynamic (created from dynamic dynmap/10 map)
Current counterpart: 172.18.124.2
Life safety association: 4608000 Kbytes / 3600 seconds
PFS (Y/N): N
Transform sets = {}
RIGHT,
}
Interfaces using map clientmap crypto:
FastEthernet0/0

Router #.

Router #sh arp
Protocol of age (min) address Addr Type Interface equipment
Internet 192.168.10.1 37 ARPA FastEthernet0/1 0024.c4eb.6600
Internet 192.168.10.20 6 0024.2b4d.0c5a ARPA FastEthernet0/1
Internet 192.168.10.200 36 0025.9c39.57e2 ARPA FastEthernet0/1
Internet 172.18.124.2 1 0022.4135.3f5e ARPA FastEthernet0/0
Internet 172.18.124.1 - 0013.191f.ac00 ARPA FastEthernet0/0
Internet 192.168.10.166 - 0013.191f.ac01 ARPA FastEthernet0/1
Router #.

Current configuration: 2320 bytes
!
version 12.4
horodateurs service debug datetime msec
Log service timestamps datetime msec
no password encryption service
!
router host name
!
boot-start-marker
boot system flash: c2691-adventerprisek9 - mz.124 - 5a .bin
boot-end-marker
!
!
AAA new-model
!
!
AAA authentication login userauthen local
AAA authorization groupauthor LAN
!
AAA - the id of the joint session
!
resources policy
!
IP cef
!
!
No dhcp use connected vrf ip
DHCP excluded-address IP 172.18.124.1
!
dhcp VPN IP pool
import all
network 172.18.124.0 255.255.255.0
router by default - 172.18.124.1
lease 5
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
Fax fax-mail interface type
0 username cisco password Cisco
!
!
!
crypto ISAKMP policy 3
BA 3des
preshared authentication
Group 2
!
ISAKMP crypto client configuration group 3000client
key cisco123
DNS 8.8.8.8
domain cisco.com
pool ippool
!
!
Crypto ipsec transform-set esp-3des esp-sha-hmac RIGHT
!
Crypto-map dynamic dynmap 10
Set transform-set RIGHT
!
!
map clientmap client to authenticate crypto list userauthen
card crypto clientmap isakmp authorization list groupauthor
client configuration address map clientmap crypto answer
10 ipsec-isakmp crypto map clientmap Dynamics dynmap
!
!
!
!
interface FastEthernet0/0
IP 172.18.124.1 255.255.255.0
automatic speed
Half duplex
clientmap card crypto
!
interface Serial0/0
no ip address
Shutdown
!
interface FastEthernet0/1
IP 192.168.10.166 255.255.255.0
automatic speed
Half duplex
!
interface Serial1/0
no ip address
Shutdown
series 0 restart delay
No terminal-dce-enable-calendar
!
interface Serial1/1
no ip address
Shutdown
series 0 restart delay
No terminal-dce-enable-calendar
!
interface Serial1/2
no ip address
Shutdown
series 0 restart delay
No terminal-dce-enable-calendar
!
interface Serial1/3
no ip address
Shutdown
series 0 restart delay
No terminal-dce-enable-calendar
!
IP local pool ippool 14.1.1.100 14.1.1.200
IP route 0.0.0.0 0.0.0.0 192.168.10.1
!
!
IP http server
no ip http secure server
!
TEST extended IP access list
allow an ip
TEST2 extended IP access list
allow an ip
!
!
!
!
!
control plan
!
!
!
!
!
!
Dial-peer cor custom
!
!
!
!
!
!
Line con 0
transportation out all
Speed 115200
line to 0
transportation out all
line vty 0 4
transport of entry all
transportation out all
!
!
end

Hello

You have this Setup:

PC (VPN CLIENT)-> C2691 (IPSec VPN)-> C1841(IP 192.168.10.1)

When it is connected with the VPN client, can you PING the LAN IP of the C2961?

This communication should go through the tunnel and you should see encrypted packets on the "sh cry ips its"

In order to do a PING of the C1841, the C1841 needs a route back to the C2961 when the traffic is for VPN client (assuming that there is not a default gateway in place).

Federico.

Tags: Cisco Security

Similar Questions

  • OfficeJet 6600. Works as a printer, but not able to start the scanner.

    OfficeJet 6600. Works as a printer, but not able to start the scanner.

    I am facing a strange behaviour of my camera. I tried to find similar problems on the forum, but did not succeed.

    I started it 2 days (near my 5610 old which seems to have problems of aging). I use a Sony VAIO PC, OS Win7-Pro, updated.

    Running the appliance following the instructions of the poster. Presents the installation CD. Wireless net was successful and the screen of the device is to give the corresponding IP address.

    But this IP has realized the configuration SW is not recognized. I tried thousands of times, switching and on different devices (router, printer and pc) in the order required, uninstall and reinstall the device.

    However, despite the property intellectual not recognized the device functioning as a "printer".

    But I need to use it as a scanner.

    Procedure by selecting the "scan to PC" screen of the device (only available as an option) I get the message "to ensure that the feature is turned on" and I am prompted to 'open the printer HP SW,... '. ».

    Go to Windows and by clicking on "HP SCAN" in the HP/HP Officejet 6600 directory I get the a warning window stating "HP Officejet unidentified 6600.

    Can someone, please?

    Thank you in advance.

    Hey,.

    Try this document! A "no computer has detected" or "Connection error" message when scanning for HP Officejet 6600 e-all-in-one and 6700 Premium e-All-in-One Printer Series (H711)

    Have a great day!

  • I have HTC HTC ChaCha A810e but not picked up at the Nepal

    I have HTC HTC ChaCha A810e but not picked up at the Nepal.

    James,

    We have actually official ARMv6 builds now available for download: http://nightly.mozilla.org (select the download option ARMv6 downstairs in the Android category).

  • After a new installation of OSX Lion, I want to reinstall my firefox sync preferences. I saved my key before clening the computer, but not firefox indicates that the key is incorrect. Any ideas would be most appreciated!

    After a new installation of OSX Lion, I want to reinstall my firefox sync preferences. I saved my key before clening the computer, but not firefox indicates that the key is incorrect. Any ideas would be most appreciated!

    Try typing the key to recovery without 5 dashes.

  • of the Assembly's strong name validation failed "c:\windows\home\ehshell.exe". the file may have been tampered with or it was partially signed but not fully signed with the private key, what should I do?

    After I update to Windows XP SP 3 my media center has completely stopped working and it gives me following e: validation failure of strong name for the assembly 'c:\windows\home\ehshell.exe '. the file may have been tampered with or it was partially signed but not fully signed with the private key.

    What I would do.  I was grinding a lot and nothing has worked so far.

    Stone

    Please answer questions following diagnosis in a numbered list type in your very next answer (no need to quote this post):

    1. What is the full name of your application or the installed antivirus security suite and when (date about) is your subscription current expires?  What (other than Defender) anti-spyware applications are installed?  What third-party firewall (if applicable)?

    2 a Norton or McAfee application ALREADY installed on the computer?

    3. do you have a free trial Norton, or a test of free McAfee [a] come preinstalled on the computer when you bought it? (No matter if you have never used or activated).

    4. why has not been installed SP3 years?

  • FDMEE of planning data loaded successfully but not able to see the data in Planning - export of fish shows in FDMEE

    Hi all

    We loaded FDMEE data to planning, data has been loaded successfully, but not able to see the data in the Planning Application.

    In the processes log, I can see her mentioned data loaded in the Cube. Please advise on this.

    Thank you

    Roshi

    Two things:

    -I wasn't talking about method you import data but export data. You use the SQL method. Go to target Applications, select your application of planning/essbase, and set load method as a file. Memorize your settings

    2014-06-19 12:26:50, 692 [AIF] INFO: rules properly locked the file AIF0028

    2014-06-19 12:26:50, 692 INFO [AIF]: load data into the cube by launching the rules file...

    2014-06-19 12:26:50, 692 INFO [AIF]: loading data into the cube using sql...

    2014-06-19 12:26:50, 801 [AIF] INFO: the data has been loaded by the rules file.

    2014-06-19 12:26:50, 801 [AIF] INFO: Unlocking AIF0028 rules file

    2014-06-19 12:26:50, 801 [AIF] INFO: successfully unlocked rules AIF0028 file

    -Then export again and review. DAT file in the Outbox folder. Is it empty?

    -You need to add a new dimension to your import format (Dimension add > currency). Then add Local as expression

    -Import, validate and export data

  • Reinstal Cloud but not uninstal not possible as long as the app running, but not other applications in the Task Manager

    Hello

    I need to reinstall the Cloud but uninstal is not possible as long as the app running, but not other applications in the Task Manager.

    Windows 7

    Uninstaller: "another version of office of creative cloud or an installer Adobe is running...". »

    TaskManager: browser runs only.

    Windows Installer / change: "unable to désinstaller creative cloud to desktop. You still have creative Cloud computer applications that need it.

    So, how I re install this, thank you

    Safe mode using the application of Creative Cloud Uninstaller has worked.

  • FDMEE of planning data loaded successfully but not able to see the data

    Hi all

    We loaded FDMEE data to planning, data has been loaded successfully, but not able to see the data in the Planning Application.

    In import format, we have not mentioned hsp_rates, it's that whole issue?

    If we have different currencies, where we must define?

    Suppose we have INR, USD and GBP if I want to load the data of INR, where we define?

    Thank you

    Praveen

    Problem solved

    I've made changes in the import format now I am able to see the data in the Planning Application.

    Thank you

  • How to open GROSS of DSC_RX100M3 images?  I downloaded Adobe DNG converter 8.4, but not able to convert the images?

    How to open GROSS of DSC_RX100M3 images?  I downloaded Adobe DNG converter 8.4, but not able to convert the images?

    Minor correction to what SSprengel wrote...

    The RX100M3 is supported only by version 8.5.  Looks like you need a newer version.

    Using Photoshop | Digital Negative (DNG)

    -Christmas

  • Equium laptop computer connects cable but not wireless

    Hello

    I m hoping someone can help. I have a laptop Toshiba Equium and it has been connected wireless for centuries. All of a sudden last night it stopped working.
    I have 2 of these laptops and it works fine and all my phones in the House and consoles are connect wireless fine so I know that this is not a problem with the hub.

    I try to make a new connection and it says unable to connect and when I click the diagnose button, it says "windows received no response from the access point or wireless router.

    I can use the net fine with a wired connection to the hub.
    When I check for available wireless connections it shows my super blank hub with excellent signal
    I tried updating drivers and also uninstall the card network wireless and re install but this nature does nothing.

    Please can someone help. more necessary info just reply.

    Thanks in advance to all those who help

    If I understand you right WLAN adapter is installed and enabled correctly, your laptop can detect WLAN but cannot connect to it, right?
    Have you tried to reboot your router?

    What operating system do you use?

  • Officejey 8620e Pro: Officejet Pro 8620 connect wireless but not visible by any other device of

    Printer was fine for 9 months.  That is, Apple devices could print using AirPrint.  Computers laptops MacBook Pro and Windows 8 were also very good.  But now printer is not visible by any device when trying to print / set up a printer.  Finally managed to do work with a USB cable, but it's not practical for all members of the family.  Have you tried:

    Full power reset

    Reset wifi

    Updated drivers

    Recycled all devices that are used to be able to see the printer.

    To confirm, the printer says that it is connected to the wifi & AirPrint and wakes up when the control panel is touched.

    Thanks in advance

    Hello @Insightful_Chap! I'd love to help you with your Pro Officejet 8620.

    I understand your description that the printer is connected to your network, but is no longer visible for your devices. Although the printer is connected, I would allows you to use the following document to solve the problem as it will guide you through the necessary steps: HP Officejet Pro 8610, 8620, 8630, 8640 and 8660 e - all-in - One Printer Series - printer does not maintain the wireless connection.

    Please let me know the results of your efforts and we can go from there.

  • Computer Dell laptop connects wireless but not online

    I have a Dell laptop that I bought about five months ago. We just bought a router wireless about two weeks ago and it was working fine until a few days ago, when the internet connection is slow all day until we have reset the internet modem itself. That day, my computer wouldn't connect to the internet after a few hours of surfing on slow internet. After that reset us it, he started to work very well. Then, the next day it was working fine until it just stopped to let us browse the internet. My desktop computer that uses a USB connection wireless and the Xbox 360 with WiFi, both work. Now, I pressed my button wireless countless times, and I am connected to my network with almost full bars. Some of the software on my computer can connect to the internet, as the update of windows, but I can't use any internet browser - I use Safari, but I tried as well IE. When I look at the plan of the connection, there is a line dashed to the router from my computer, but he always says that I have full internet access. Has connectivity IPv4 and IPv6 is not. I tried to uninstall my card, but it did not reinstall rebooted once and I undid the system restore I had tried a few days earlier to pick up my internet. We also tried to connect with an ethernet cable - says there is connection, but also will not let me do anything. Also, I ran diagnostics on my cards and Windows said reset, but I still have the problem and it "resets" whenever the diagnostics are executed. IP address of my router starts with 192. I've searched and searched for answers, but nothing works.

    The new answers?

    Hello

    Try the following steps:


    Step 1    : first of all, temporarily disable the firewall settings and security software and check if it makes a difference.


    NOTE    : Please check you to re - activate the anti virus program after reviewing the issue.


    Step 2    : make sure you have the latest updates and service packs for Windows Vista.

    Reference: http://windows.microsoft.com/en-US/windows-vista/Install-Windows-updates


    Step 3    : battery Reset TCP/IP.

    To reset the stack TCP/IP go to this article and click on "Fix it for me" or follow the instructions to fix it yourself: http://support.microsoft.com/kb/299357

    Kind regards
    Afzal Taher
    Microsoft technical support engineer

  • Laptop can connect wirelessly, but not through cable utp to the internet. Help!

    I tried to connect my computer laptop windows 7 to the internet using a utp cable. Unfortunately, without success. Works with wireless, but in my dorm, I cannot use internet via cable. I tried to turn off the wireless, but that did not work either the comouter does not recognize that the cable is already connected. Please help me solve this problem.

    Thanks for your help in advance! :)

    I would check the cable carefully.  Sometimes, some of the wires are loose from the plug.  See if the laptop can connect to cables in other places.  If possible, the problem is with the cable and not on your computer.

    Good luck.

  • connection exists but not Internet

    I router AI UN xavier 7968 cnnecte my pc connection exists, but PA Internet

    I router AI UN xavier 7968 cnnecte my pc connection exists, but PA Internet

    Please re-post this in terms of the language in the menu drop-down list at the bottom of the page. This forum is for English only.

    If you can't find the language you need, additional language support can be found here...
    http://support.Microsoft.com/common/international.aspx

  • Tbird24.2.1 would be send but not receive because of the mistake of password so to rectify deleted the pop account passwords, closed Tbird, Tbird open but not ask PW?

    TBird 24.2.1 stopped downloading email after a meeting with Bell Aliant to correct their records physical and my phone number and e-mail addresses. During the Exchange, they also checked my pop password and smtpa. I discovered that the password for the pop account has been misspelled and finds a solution of Mozilla Help which essentially necessary to remove the account from the list of accessible password by cmd / security/passwords / registered / show passwords passwords, by selecting the pop password and delete. The indications were going out of the window options, TBird and then restart TBird that would encourage the pop password, in which case the correct version could be provided.

    PROBLEM: TBird 24.2.1 don't ask the password so it can not be corrected. The above method only allows deletion of accounts with no changes or creation of one available. TBird is located just 2 minutes of or3 trying to access the account and then stops leaving one in with old email inbox.
    Please advise!

    If you do not get the password prompt, Thunderbird cannot connect to the server. In other words, you don't even not so far to be prompted for the password.
    Check with Bell Aliant that you do not have the correct server settings.

Maybe you are looking for

  • HP Jet 8: 8 HP flow can't keep not fresh, takes place at 0% even when it is plugged

    My HP flow 8 tablet has never held public office.  I leave it plugged in all night and the next day it is fully charged, but the charge only lasts 2 hours at the most, even if it is plugged I use it all the time.  He goes down to 0% and turns off.  I

  • Upgrading a dv6000 to 4 GB of ram

    Hello I dug just my old HP and would like to get a few programs running that are not available on Mac. Most of them need 4 GB of ram, however, and my laptop, according to Crucial system scanner can support 2 GB. I'm no expert on upgrading a laptop an

  • I can connect wirelessly to the network, but cannot connect to the internet.

    Ethernet to wireless connection? Hello. I have a Dell Dimension 2400 desktop computer and bought a 50M USB WiFi Wireless LAN 802.11 n/g/b adapter so that I could move my desk in another room and a wireless connection.  I was able to connect it to my

  • Microsoft office for windows 7 will not download

    Thus, after Windows 10 has been downloaded without authorization on our laptop ASUS and nearly a week of the struggle of the community looking for a solution, that I got ASUS was the F9 recovery.  Of course the Office package that we bought to be rei

  • Some problems with the construction of project in Eclipse

    I use js + css3, html5 in my project for smartphone. And I have problem (error) with a construction project. --------- [INFO] Parsing of the command line options[INFO] Bbwp.properties analysis[INFO] Validation of archive application[INFO] The analysi