VPN Tunnel with Cisco UC560. Tunnel is UP but no traffic…
After many hours of reading through websites, blogs, and the pfSense book, I finally managed to get a VPN tunnel up and running with a UC560 unit. This unit already has a VPN tunnel with another UC560, and I need to add a tunnel for another location that is using a pfSense.
So, I mainly followed the guides I found in the book or on the pfSense website but I had to do the following to make it work:
Update to version 2.2.4
Negotiation mode set to Aggressive
Use the Preshared Key already in the UC560 and tied to 0.0.0.0 (for the VPN link to the other UC560)
Now, the tunnel is up and running and I can confirm with the pfSense box and the Cisco that it's working:
Interface: GigabitEthernet0/0
Profile: SITE-TO-SITE
Session status: UP-ACTIVE
Peer: X.Y.Z.153 port 500
  IKE SA: local X.Y.Z.154/500 remote X.Y.Z.153/500 Active
  IPSEC FLOW: permit ip 192.168.50.0/255.255.255.0 192.168.1.0/255.255.255.0
        Active SAs: 2, origin: crypto map
  IPSEC FLOW: permit ip 192.168.1.0/255.255.255.0 192.168.50.0/255.255.255.0
        Active SAs: 0, origin: crypto map
Unfortunately, I tried to ping each box from each side and I get nothing… I must admit I am exhausted and I don't know where to look.
BTW, I did run some commands on the Cisco unit to disable NAT through the tunnel.