VPN Tunnel with Cisco UC560\. Tunnel is UP but no traffic…



  • Hello all,

    after many hours of reading thru website, blogs, pfSense book I finally managed to get a VPN Tunnel up and running with a UC560 unit. ::)  This unit already has a VPN tunnel with another UC560 and I need to add a tunnel for an other location that is using a pfSense.

    So, I mainly followed the guides I found in the book or on the pfSense website but I had to do the following to make it work:

    • Update to version 2.2.4

    • Negotiation mode set to Aggressive

    • Use the Preshared Key already in the UC560 and tied to 0.0.0.0 (for the VPN link to the other UC560)

    Now, the tunnel is up and running and I can confirm with the pfSense box and the Cisco that it's working:

    Interface: GigabitEthernet0/0
    Profile: SITE-TO-SITE
    Session status: UP-ACTIVE
    Peer: X.Y.Z.153 port 500
      IKE SA: local X.Y.Z.154/500 remote X.Y.Z.153/500 Active
      IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.1.0/255.255.255.0
            Active SAs: 2, origin: crypto map
      IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 192.168.50.0/255.255.255.0
            Active SAs: 0, origin: crypto map
    

    Unfortunately, I tried to Ping each boxes from each side and I get nothing… I must admit I am exhausted and I don't know where to look.

    Any idea?

    BTW, I did run some command on the Cisco unit to disable NAT thru the tunnel.