Solved

VPN

Posted on 2011-03-03
3
1,479 Views
Last Modified: 2012-11-02
show crypto ipsec sa peer 172.16.12.10
 #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0  
 #pkts decaps: 170, #pkts decrypt: 170, #pkts verify: 170
Its a vpn between cisco router and check point. Does anyone know the reason why packets are being decrypted but not encapsulated.
And as result end to end connectiveity is not working.


0
Comment
Question by:tech2010
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 17

Accepted Solution

by:
Kvistofta earned 500 total points
ID: 35026105
This is a common issue. When you see that you have packets decaps´d but not encaps´d it means that the tunnel is fully setup and you are receiving packets, but you are not sending any packets back. The far most common reason for this is some kind of routing- or nat-issue. For example if your nat is misconfigured the outbound source address is not correct, is not hitting the crypto map and therefore "misses" the vpn-tunnel.

Please post your config here for further help with troubleshooting.

/Kvistofta
0
 

Author Comment

by:tech2010
ID: 35027108
yes it was a routing issue.
0
 

Expert Comment

by:River2009
ID: 38561789
Can you give me an example of what you did. I'm running into the same issue.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes, you want your microsoft VPN to route all the traffic to the remote network. Usually your employer network. This makes it possible to access all the nodes inside this remote LAN, even if they have no "public DNS" entries. To do so, you wo…
OpenVPN is a great open source VPN server that is capable of providing quick and easy VPN access to your network on the cheap.  By default the software is configured to allow open access to your network.  But what if you want to restrict users to on…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question