From: Nick Shah (nshah@connect.com.au)
Date: Sun Sep 15 2002 - 23:47:08 GMT-3
James
What I think is that you have to 'selectively allow' what traffic you want
encrypted. If you are using permit ip any any in the ACL , you can run into
probs. like this .
The key is to 'only encrypt' traffic between R1 & R6 (10.1.1.1 & 10.1.5.2)
so the ACL should 'allow' these.
Nick
----- Original Message -----
From: "James Coleman" <colemanjc@email.com>
To: <cchurch@MAGNACOM.com>
Cc: <ccielab@groupstudy.com>
Sent: Monday, September 16, 2002 11:40 AM
Subject: IPsec
> My lab is in a couple of weeks and I'm struggling with IPsec. I have the
> configs down cold, but when I confiure IPSec between 2 routers that
> connect to another router via point to point, I'm unable to ping that
> interface. For example, r1 - 10.1.1.1 r2 - 10.1.1.2 r5 - 10.1.5.1 r6 -
> 10.1.5.2. When I config IPSec between r1 and r6, I establish an SA on
> both routers and I'm able to ping the interface on both r1 and r6. The
> problem is that I can't ping 10.1.1.2(r2) from r6. Any ideas? --
>
> _______________________________________________
> Sign-up for your own FREE Personalized E-mail at Mail.com
This archive was generated by hypermail 2.1.4 : Mon Oct 07 2002 - 07:43:53 GMT-3