VPN Tunnel with Cisco UC560\. Tunnel is UP but no traffic…
-
Hello all,
after many hours of reading thru website, blogs, pfSense book I finally managed to get a VPN Tunnel up and running with a UC560 unit. ::) This unit already has a VPN tunnel with another UC560 and I need to add a tunnel for an other location that is using a pfSense.
So, I mainly followed the guides I found in the book or on the pfSense website but I had to do the following to make it work:
-
Update to version 2.2.4
-
Negotiation mode set to Aggressive
-
Use the Preshared Key already in the UC560 and tied to 0.0.0.0 (for the VPN link to the other UC560)
Now, the tunnel is up and running and I can confirm with the pfSense box and the Cisco that it's working:
Interface: GigabitEthernet0/0 Profile: SITE-TO-SITE Session status: UP-ACTIVE Peer: X.Y.Z.153 port 500 IKE SA: local X.Y.Z.154/500 remote X.Y.Z.153/500 Active IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.1.0/255.255.255.0 Active SAs: 2, origin: crypto map IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 192.168.50.0/255.255.255.0 Active SAs: 0, origin: crypto mapUnfortunately, I tried to Ping each boxes from each side and I get nothing… I must admit I am exhausted and I don't know where to look.
Any idea?
BTW, I did run some command on the Cisco unit to disable NAT thru the tunnel.
-