?
Solved

VPN

Posted on 2011-03-03
3
Medium Priority
?
1,507 Views
Last Modified: 2012-11-02
show crypto ipsec sa peer 172.16.12.10
 #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0  
 #pkts decaps: 170, #pkts decrypt: 170, #pkts verify: 170
Its a vpn between cisco router and check point. Does anyone know the reason why packets are being decrypted but not encapsulated.
And as result end to end connectiveity is not working.


0
Comment
Question by:tech2010
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 17

Accepted Solution

by:
Kvistofta earned 2000 total points
ID: 35026105
This is a common issue. When you see that you have packets decaps´d but not encaps´d it means that the tunnel is fully setup and you are receiving packets, but you are not sending any packets back. The far most common reason for this is some kind of routing- or nat-issue. For example if your nat is misconfigured the outbound source address is not correct, is not hitting the crypto map and therefore "misses" the vpn-tunnel.

Please post your config here for further help with troubleshooting.

/Kvistofta
0
 

Author Comment

by:tech2010
ID: 35027108
yes it was a routing issue.
0
 

Expert Comment

by:River2009
ID: 38561789
Can you give me an example of what you did. I'm running into the same issue.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you connect to your workplace's VPN, you may not notice that you are using your workplace's servers to serve up webpages.  This might be undesirable since the workplace can log all the places you've been.  It also might be very slow to load pag…
Using Windows 2008 RRAS, I was able to successfully VPN into the network, but I was having problems restricting my test user from accessing certain things on the network.  I used Google in order to try to find out how to stop people from accessing c…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question