Solved

Site to Site VPN Establishes Tunnel - Unable to Pass Traffic

Posted on 2009-05-15
3
285 Views
Last Modified: 2012-05-07
All my site to site VPN users are able to establish the tunnel and pass phase 1 and 2.  They are unable to access the servers/workstations on our network.  Our PPTP VPN users are working as normal.  All connections were working fine until we replaced a core switch in our main location.  We are running the same build on this switch as the one we replaced.  I feel this is a security issue on the switch, but unable to pinpoint. Any help is appreciated.
0
Comment
Question by:AdminBWC
3 Comments
 
LVL 13

Accepted Solution

by:
Quori earned 125 total points
ID: 24407698
What is terminating the IPsec tunnels? Can you provide a network diagram and any relevant configs?
0
 
LVL 1

Assisted Solution

by:equarando
equarando earned 125 total points
ID: 24419307
Please post make and model of switches/hardware and configs
0
 

Author Comment

by:AdminBWC
ID: 24425324
Thanks to you both for responding, but we were able to resolve the issue with Cisco support.  It was not a logical resolve as no one can tell me "why" it occurred, but they did find a fix.  When asked why it had been working fine for years and now it is not, I believe the term "magic" occurred in one engineer's response.  
And to help those with the same issue in the future, ACLs permitting outside traffic coming in had to be added for all my crypto clients. Clients running just fine for up to 3 years without any problem and no changes just magically stopped working.
I'm giving the points to both of you even though the issue was resolved on my end.  Good day to you both!
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I've had to do a bit of research to setup my VPN connection so that Clients can access Windows Server 2008 network shares.  I have a Cisco ASA 5510 firewall.  I found an article which was extremely useful: It had a solution if you use ASDM to config…
Overview Often, we set up VPN appliances where the connected clients are on a separate subnet and the company will have alternate internet connections and do not use this particular device as the gateway for certain servers or clients. In this case…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now