I am able to establish a VPN link between HQ and a remote site using two Cisco 877 routers configured as a EasyVPN server and client configuration.
Upon establishing the remote site with a "network extension" mode (not "client" mode), I am only able to ping the HQ Cisco 877 internal IP address but not any other valid internal IPs at HQ. HQ too can only ping the remote site's Cisco 877 internal IP address. "Interesting" traffic has been set correctly as ping destination are forced via the VPN tunnel when pings are made to both ends' internal IP addresses. But a traceroute (in MSDOS prompt) reveals a "Request timeout error" to IPs other than the Cisco 877 routers' interal IP addresses.
Testing the VPN tunnel (on the remote site's Cisco 877) reveals this error despite a successful link up:
"A ping with data size of this VPN interface MTU size and 'Do not Fragment' bit set to the other end VPN device is failing. This may happen if there is a lesser MTU network which drops the 'Do not fragment' packets."
Both sites have static public IP address for the routers.
What could be the problem?