VPN Tunnel with Cisco UC560\. Tunnel is UP but no traffic…

Incroyable HULK

Hello all,

after many hours of reading thru website, blogs, pfSense book I finally managed to get a VPN Tunnel up and running with a UC560 unit. ::)  This unit already has a VPN tunnel with another UC560 and I need to add a tunnel for an other location that is using a pfSense.

So, I mainly followed the guides I found in the book or on the pfSense website but I had to do the following to make it work:

• Update to version 2.2.4

• Negotiation mode set to Aggressive

• Use the Preshared Key already in the UC560 and tied to 0.0.0.0 (for the VPN link to the other UC560)

Now, the tunnel is up and running and I can confirm with the pfSense box and the Cisco that it's working:

Interface: GigabitEthernet0/0
Profile: SITE-TO-SITE
Session status: UP-ACTIVE
Peer: X.Y.Z.153 port 500
  IKE SA: local X.Y.Z.154/500 remote X.Y.Z.153/500 Active
  IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.1.0/255.255.255.0
        Active SAs: 2, origin: crypto map
  IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 192.168.50.0/255.255.255.0
        Active SAs: 0, origin: crypto map

Unfortunately, I tried to Ping each boxes from each side and I get nothing… I must admit I am exhausted and I don't know where to look.

Any idea?

BTW, I did run some command on the Cisco unit to disable NAT thru the tunnel.