RE: VPN

From: Larson, Chris (Contractor) (Chris.Larson@xxxxxx)
Date: Fri Jan 04 2002 - 14:50:27 GMT-3

• Next message: cisco: "Where Can I get some CCIE security Practice LABS."
• Previous message: Annu: "Re: IS-IS Verification"
• Maybe in reply to: Huy Luu: "VPN"
• Next in thread: tom cheung: "Re: VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

   
What is the access-list on the other side? They should generally be
mirrored with Cisco devices for everything to work properly. Try an
access-list on R3 that mirrors the one on R1.

-----Original Message-----
From: Huy Luu [mailto:Huy_Luu%COMMONWEALTH@ccginc.com]
Sent: Friday, January 04, 2002 12:20 PM
To: ccielab@groupstudy.com
Subject: VPN

Hello all,

Iam having problems with VPN. here is the topology:

r1------ r2--------- r3

When I define traffic that should be encrypted from r1 to r2, I defined
two specific network and the traffic is encrypted. When I define an
access-list with any as the source and the destination of a network behind
r2, it does not work. I get the following error:
 %CRYPTO-6-IKMP_MODE_FAILURE: Processing of Quick mode failed with peer at
10.10.10.2

Why does the router fail when I define any as the source ip of the traffic
that should be encrypted?

Thankyou all in advance.

• Next message: cisco: "Where Can I get some CCIE security Practice LABS."
• Previous message: Annu: "Re: IS-IS Verification"
• Maybe in reply to: Huy Luu: "VPN"
• Next in thread: tom cheung: "Re: VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 10:56:16 GMT-3