Solved

Can't call from CME to CME across VPN tunnel

Posted on 2013-01-07
16
1,140 Views
Last Modified: 2013-03-19
I'm having trouble trying to get two Cisco CME routers to dial each other across an IPSEC vpn tunnel.

Topology is:


CME Router Site A-----SonicWall A ------ISP-----cloud-----ISP-----SonicWall B----CME Router Site B

Site A extensions are: 5800-5899
Site B extensions are: 5900-5999


The Sonicwalls are connected via a site-to-site vpn tunnel.  From a workstation behind each CME router I can ping the data and voice vlan interace of each respective side. It appears I have full connectivity.

When I try to dial across the vpn tunnel nothing happens and the phone eventually times out.


What needs to happen is Site B needs to be able to call Site A, and Site B also needs use TEHO (tail-end hop off) for 10 digit dialing through site A.


When I simulate a call using csim start xxxxxx I get:



SITE-B#csim start 5838
SITE-B#
012245: Jan  8 04:27:34.267: csim: called number = 5838, loop count = 1 ping count = 0

012246: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Calling Number=, Called Number=5838, Peer Info Type=DIALPEER_INFO_SPEECH
012247: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Match Rule=DP_MATCH_DEST; Called Number=5838
012248: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Result=Success(0) after DP_MATCH_DEST
012249: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/DPM/dpMatchSafModulePlugin:
   dialstring=NULL, saf_enabled=0, saf_dndb_lookup=0, dp_result=0
012250: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/DPM/dpMatchPeers:
   Result=SUCCESS(0)
   List of Matched Outgoing Dial-peer(s):
     1: Dial-peer Tag=64
012251: Jan  8 04:27:34.267: csimSetupPeer peer type(2), destPat(5838), matched(2), target()
012252: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Destination=, Calling IE Present=FALSE, Mode=0,
   Outgoing Dial-peer=64, Params=0x8AC32594, Progress Indication=NULL(0)
012253: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccCheckClipClir:
   In: Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed)
012254: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccCheckClipClir:
   Out: Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed)
012255: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Destination Pattern=58.., Called Number=5838, Digit Strip=FALSE
012256: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
   Called Number=5838(TON=Unknown, NPI=Unknown),
   Redirect Number=, Display Info=
   Account Number=, Final Destination Flag=FALSE,
   Guid=8F0018B0-5882-11E2-8238-A5B229699913, Outgoing Dial-peer=64
012257: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/cc_api_display_ie_subfields:
   ccCallSetupRequest:
   cisco-username=
   ----- ccCallInfo IE subfields -----
   cisco-ani=
   cisco-anitype=0
   cisco-aniplan=0
   cisco-anipi=0
   cisco-anisi=0
   dest=5838
   cisco-desttype=0
   cisco-destplan=0
   cisco-rdie=FFFFFFFF
   cisco-rdn=
   cisco-rdntype=-1
   cisco-rdnplan=-1
   cisco-rdnpi=-1
   cisco-rdnsi=-1
   cisco-redirectreason=-1   fwd_final_type =0
   final_redirectNumber =
   hunt_group_timeout =0

012258: Jan  8 04:27:34.267: //-1/xxxxxxxxxxxx/CCAPI/ccIFCallSetupRequestPrivate:
   Interface=0x87422DA4, Interface Type=3, Destination=, Mode=0x0,
   Call Params(Calling Number=,(Calling Name=)(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
   Called Number=5838(TON=Unknown, NPI=Unknown), Calling Translated=FALSE,
   Subscriber Type Str=, FinalDestinationFlag=FALSE, Outgoing Dial-peer=64, Call Count On=FALSE,
   Source Trkgrp Route Label=, Target Trkgrp Route Label=, tg_label_flag=0, Application Call Id=)
012259: Jan  8 04:27:34.271: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012260: Jan  8 04:27:34.271: :cc_get_feature_vsa malloc success
012261: Jan  8 04:27:34.271: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012262: Jan  8 04:27:34.271:  cc_get_feature_vsa count is 3
012263: Jan  8 04:27:34.271: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012264: Jan  8 04:27:34.271: :FEATURE_VSA attributes are: feature_name:0,feature_time:2305469072,feature_id:234
012265: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/ccIFCallSetupRequestPrivate:
   SPI Call Setup Request Is Success; Interface Type=3, FlowMode=1
012266: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/ccCallSetContext:
   Context=0x896631DC
012267: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/cc_api_call_disconnected:
   Cause Value=47, Interface=0x87422DA4, Call Id=194
012268: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/cc_api_call_disconnected:
   Call Entry(Responsed=TRUE, Cause Value=47, Retry Count=0)
012269: Jan  8 04:27:34.271: csim_do_test: cid(194), ev(12), disp(0)
012270: Jan  8 04:27:34.271: csimTraceSct: cid(194),st(0),oldst(0)
012271: Jan  8 04:27:34.271: csim err csimDisconnected recvd DISC cid(194)
012272: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/ccCallDisconnect:
   Cause Value=47, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=47)
012273: Jan  8 04:27:34.271: //194/8F0018B08238/CCAPI/ccCallDisconnect:
   Cause Value=47, Call Entry(Responsed=TRUE, Cause Value=47)
012274: Jan  8 04:27:34.275: //194/8F0018B08238/CCAPI/cc_api_call_disconnect_done:
   Disposition=-11, Interface=0x87422DA4, Tag=0x0, Call Id=194,
   Call Entry(Disconnect Cause=47, Voice Class Cause Code=0, Retry Count=0)
012275: Jan  8 04:27:34.275: //-1/8F0018B08238/RXRULE/regxrule_stack_pop_callinfo_internal: numinfo=0x0
012276: Jan  8 04:27:34.275: //194/8F0018B08238/CCAPI/cc_api_call_disconnect_done:
   Call Disconnect Event Sent
012277: Jan  8 04:27:34.275: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
   
012278: Jan  8 04:27:34.275: :cc_free_feature_vsa freeing 896AAA88
012279: Jan  8 04:27:34.275: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
   
012280: Jan  8 04:27:34.275:  vsacount in free is 2
012281: Jan  8 04:27:34.275: csim_do_test: cid(194), ev(13), disp(-11)
012282: Jan  8 04:27:34.275: csimTraceSct: cid(194),st(2),oldst(0)
012283: Jan  8 04:27:34.775: csim: loop = 1, failed = 1  
012284: Jan  8 04:27:34.775: csim: call attempted = 1, setup failed = 1, tone failed = 0

012285: Jan  8 04:27:34.775: //-1/xxxxxxxxxxxx/CCAPI/ccAppShutdownMode:
   ccAppShutdownMode: remove it from the queue
SiteA.txt
SiteB.txt
0
Comment
Question by:jplagens
  • 8
  • 3
  • 2
  • +2
16 Comments
 
LVL 20

Expert Comment

by:José Méndez
ID: 38753529
Why don't you through in a debug ccsip messages for us please? Along with the other debugs I mean.
0
 
LVL 4

Author Comment

by:jplagens
ID: 38753543
Here's some more output.  I have debug ccsip messages, debug voip ccapin inout, and debug voice translation on both sides.  When I call from Site B to Site A, Site A shows nothing in the debugs.  That means the call is not making it across the tunnel at all.  

Here's some output:

SITE-B#show debug
SCCP:
  Skinny Client Control Protocol events debugging is on
DIALPEER:
  debug voip dialpeer error call is ON (filter is OFF)
  debug voip dialpeer error software is ON
  debug voip dialpeer inout is ON (filter is OFF)
voip translation-rule
  voip translation debugging is on (Filter is OFF)

CCAPI:
  debug voip ccapi inout is ON (filter is OFF)
CCSIP SPI: SIP Call Message tracing is enabled  (filter is OFF)



SITE-B#ping 172.19.1.1 source 172.20.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.20.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/34/36 ms
SITE-B#ping 172.19.1.1 source 172.20.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.20.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/38/68 ms
SITE-B#ping 172.19.1.1                  
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)



SITE-B#csim start 5838                  
SITE-B#
012369: Jan  8 05:07:59.883: csim: called number = 5838, loop count = 1 ping count = 0

012370: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Calling Number=, Called Number=5838, Peer Info Type=DIALPEER_INFO_SPEECH
012371: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Match Rule=DP_MATCH_DEST; Called Number=5838
012372: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
   Result=Success(0) after DP_MATCH_DEST
012373: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/DPM/dpMatchSafModulePlugin:
   dialstring=NULL, saf_enabled=0, saf_dndb_lookup=0, dp_result=0
012374: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/DPM/dpMatchPeers:
   Result=SUCCESS(0)
   List of Matched Outgoing Dial-peer(s):
     1: Dial-peer Tag=64
012375: Jan  8 05:07:59.883: csimSetupPeer peer type(2), destPat(5838), matched(2), target()
012376: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Destination=, Calling IE Present=FALSE, Mode=0,
   Outgoing Dial-peer=64, Params=0x8AC344F4, Progress Indication=NULL(0)
012377: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/CCAPI/ccCheckClipClir:
   In: Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed)
012378: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/CCAPI/ccCheckClipClir:
   Out: Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed)
012379: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Destination Pattern=58.., Called Number=5838, Digit Strip=FALSE
012380: Jan  8 05:07:59.883: //-1/xxxxxxxxxxxx/CCAPI/ccCallSetupRequest:
   Calling Number=(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
   Called Number=5838(TON=Unknown, NPI=Unknown),
   Redirect Number=, Display Info=
   Account Number=, Final Destination Flag=FALSE,
   Guid=34C7B1C8-5888-11E2-8241-A5B229699913, Outgoing Dial-peer=64
012381: Jan  8 05:07:59.887: //-1/xxxxxxxxxxxx/CCAPI/cc_api_display_ie_subfields:
   ccCallSetupRequest:
   cisco-username=
   ----- ccCallInfo IE subfields -----
   cisco-ani=
   cisco-anitype=0
   cisco-aniplan=0
   cisco-anipi=0
   cisco-anisi=0
   dest=5838
   cisco-desttype=0
   cisco-destplan=0
   cisco-rdie=FFFFFFFF
   cisco-rdn=
   cisco-rdntype=-1
   cisco-rdnplan=-1
   cisco-rdnpi=-1
   cisco-rdnsi=-1
   cisco-redirectreason=-1   fwd_final_type =0
   final_redirectNumber =
   hunt_group_timeout =0

012382: Jan  8 05:07:59.887: //-1/xxxxxxxxxxxx/CCAPI/ccIFCallSetupRequestPrivate:
   Interface=0x87422DA4, Interface Type=3, Destination=, Mode=0x0,
   Call Params(Calling Number=,(Calling Name=)(TON=Unknown, NPI=Unknown, Screening=Not Screened, Presentation=Allowed),
   Called Number=5838(TON=Unknown, NPI=Unknown), Calling Translated=FALSE,
   Subscriber Type Str=, FinalDestinationFlag=FALSE, Outgoing Dial-peer=64, Call Count On=FALSE,
   Source Trkgrp Route Label=, Target Trkgrp Route Label=, tg_label_flag=0, Application Call Id=)
012383: Jan  8 05:07:59.887: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012384: Jan  8 05:07:59.887: :cc_get_feature_vsa malloc success
012385: Jan  8 05:07:59.887: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012386: Jan  8 05:07:59.887:  cc_get_feature_vsa count is 3
012387: Jan  8 05:07:59.887: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:
   
012388: Jan  8 05:07:59.887: :FEATURE_VSA attributes are: feature_name:0,feature_time:2305469072,feature_id:237
012389: Jan  8 05:07:59.887: //197/34C7B1C88241/CCAPI/ccIFCallSetupRequestPrivate:
   SPI Call Setup Request Is Success; Interface Type=3, FlowMode=1
012390: Jan  8 05:07:59.887: //197/34C7B1C88241/CCAPI/ccCallSetContext:
   Context=0x89662894
012391: Jan  8 05:07:59.887: //197/34C7B1C88241/CCAPI/cc_api_call_disconnected:
   Cause Value=47, Interface=0x87422DA4, Call Id=197
012392: Jan  8 05:07:59.887: //197/34C7B1C88241/CCAPI/cc_api_call_disconnected:
   Call Entry(Responsed=TRUE, Cause Value=47, Retry Count=0)
012393: Jan  8 05:07:59.891: csim_do_test: cid(197), ev(12), disp(0)
012394: Jan  8 05:07:59.891: csimTraceSct: cid(197),st(0),oldst(0)
012395: Jan  8 05:07:59.891: csim err csimDisconnected recvd DISC cid(197)
012396: Jan  8 05:07:59.891: //197/34C7B1C88241/CCAPI/ccCallDisconnect:
   Cause Value=47, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=47)
012397: Jan  8 05:07:59.891: //197/34C7B1C88241/CCAPI/ccCallDisconnect:
   Cause Value=47, Call Entry(Responsed=TRUE, Cause Value=47)
012398: Jan  8 05:07:59.891: //197/34C7B1C88241/CCAPI/cc_api_call_disconnect_done:
   Disposition=-11, Interface=0x87422DA4, Tag=0x0, Call Id=197,
   Call Entry(Disconnect Cause=47, Voice Class Cause Code=0, Retry Count=0)
012399: Jan  8 05:07:59.891: //-1/34C7B1C88241/RXRULE/regxrule_stack_pop_callinfo_internal: numinfo=0x0
012400: Jan  8 05:07:59.891: //197/34C7B1C88241/CCAPI/cc_api_call_disconnect_done:
   Call Disconnect Event Sent
012401: Jan  8 05:07:59.891: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
   
012402: Jan  8 05:07:59.891: :cc_free_feature_vsa freeing 896AAA88
012403: Jan  8 05:07:59.891: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:
   
012404: Jan  8 05:07:59.891:  vsacount in free is 2
012405: Jan  8 05:07:59.891: csim_do_test: cid(197), ev(13), disp(-11)
012406: Jan  8 05:07:59.891: csimTraceSct: cid(197),st(2),oldst(0)
012407: Jan  8 05:08:00.391: csim: loop = 1, failed = 1  
012408: Jan  8 05:08:00.391: csim: call attempted = 1, setup failed = 1, tone failed = 0

012409: Jan  8 05:08:00.391: //-1/xxxxxxxxxxxx/CCAPI/ccAppShutdownMode:
   ccAppShutdownMode: remove it from the queue
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38753547
Consider configuring GRE Tunnel
This will ensure that your packets are routed across your sites.

The issue above looks like a route issue to me.
0
 
LVL 4

Author Comment

by:jplagens
ID: 38753552
I'm open to any options to get this working.  I'm under some pressure and need some assistance.  I greatly appreciate any help from the Experts.
0
 
LVL 18

Expert Comment

by:fgasimzade
ID: 38753612
SITE-B#ping 172.19.1.1                  
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)


What is it? And ping fails? What are your voice and data subnets on both sides?
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 38753617
0
 
LVL 4

Author Comment

by:jplagens
ID: 38753641
SITE-B#ping 172.19.1.1                  
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.19.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)


That is when I try to ping the voice vlan subinterface on Site A router sourcing from the outside interface of Site B router (10.0.1.5) - Remember the Cisco routers are sitting behind the Sonicwall firewalls.

Site A:
Voice subnet: 172.19.1.1
Data subnet:  172.19.0.1

Site B:
Voice subnet:  172.20.1.1
Data subnet:  172.20.0.1


I was looking at GRE tunnels.  That might be what I need to do here.  I'm a little confused by the commands.  Here's what I came up with:

Site A
interface Tunnel0
ip address 172.21.0.1 255.255.255.0
tunnel source Gig 0/0
tunnel destination 172.19.1.1

ip route 172.20.1.1 255.255.255.0 172.21.0.2


Site B
interface Tunnel0
ip address 172.21.0.2 255.255.255.0
tunnel source Fast 0/0
tunnel destination 172.20.1.1

ip route 172.19.1.1 255.255.255.0 172.21.0.1
0
 
LVL 8

Expert Comment

by:pgolding00
ID: 38753825
Site A:
Voice subnet: 172.19.1.1
Data subnet:  172.19.0.1

Site B:
Voice subnet:  172.20.1.1
Data subnet:  172.20.0.1

so

Site A
interface Tunnel0
tunnel destination 172.19.1.1
Site B
interface Tunnel0
tunnel destination 172.20.1.1

should be
site a
int tun0
tun dest 172.20.1.1
site b
int tun0
tun dest 172.19.1.1

but, if your ipsec config works site to site generally, then you have a routing or ipsec config problem. better to find and resolve the root cause!

you should be able to ping from site a:
"ping ip 172.20.1.1 source 172.19.1.1"
or something like that (i'm not entirely sure i have the syntax correct there) and opposite for the reverse direction. if you cant, thats why your call setup is no go. maybe you missed sourcing the the cme-cme traffic from addresses that are included in the ipsec tunnel ranges, so the routers are using their "outside" interfaces?
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 
LVL 4

Author Comment

by:jplagens
ID: 38754593
Site A:

SITE-A#ping 172.20.1.1 source 172.19.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.20.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.19.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/28/40 ms

Connectivity is there when pinging both directions when sourcing from the inside interfaces.  When VoIP dial-peers match and send to their session target where do they source from?  I would think it would source from the CME address which is 172.19.1.1 and 172.20.1.1 for Site A and B.
0
 
LVL 20

Expert Comment

by:José Méndez
ID: 38755049
voice-class sip bind media <source-interface>
voice-class sip bind control <source-interface>
0
 
LVL 20

Expert Comment

by:José Méndez
ID: 38755053
Inside the out dial-peers that is.
0
 
LVL 4

Author Comment

by:jplagens
ID: 38755217
So on Site B it looks like that should be the BVI100 interface since that is the CME subnet:


SITE-B(config-dial-peer)#voice-class sip bind media source-interface BVI100        
SITE-B(config-dial-peer)#voice-class sip bind media source-interface BVI100
 bind CLI has no effect as there is no change in configuration
0
 
LVL 4

Author Comment

by:jplagens
ID: 38755469
I tried setting up the GRE tunnel and the tunnel wouldn't come up.

Site A

interface Tunnel0
bandwidth 512
ip address 172.21.0.1 255.255.255.0
tunnel source vlan 100
tunnel destination 172.20.1.1
tunnel mode gre ip
no shut

ip route 172.20.1.0 255.255.255.0 172.21.0.2


Site B

interface Tunnel0
bandwidth 512
ip address 172.21.0.2 255.255.255.0
tunnel source inter BVI100
tunnel destination 172.19.1.1
tunnel mode gre ip
no shut

ip route 172.19.1.0 255.255.255.0 172.21.0.1
0
 
LVL 8

Expert Comment

by:pgolding00
ID: 38757455
from site a, try "ping 172.20.1.1 sou vl100", ie use the tunnel specs to ping and verify there is comms between each.

now, you have firewalls at both sites. do they permit protocol 47 (gre) to come in from the local subnets and go out to the internet, and does the ipsec config include protocol 47 (gre) to be tunnelled?

coming back to the ipsec config again, is the definition for traffic to be tunnelled something like (at site a)
ip 172.19.0.0/16 to 172.20.0.0/16
ip (wan facing subnet of site a router) to 172.20.0.0/16
ip (wan facing subnet of site a router) to (wan facing subnet of site b router)

and at site b, the mirror.

do the routers at each site have routes for the other sites data and voice subnets, pointing to the firewall?
do the firewalls have routes for the local subnets pointing to the routers, and routes for the other site pointing towards the internet or the ipsec tunnel - however sonicwall works?

if you get the ipsec working, you wont need the gre.
0
 
LVL 4

Accepted Solution

by:
jplagens earned 0 total points
ID: 38790396
We never got this working.  In the end, the client became too impatient to wait for anymore troubleshooting.  We removed the Sonicwalls and connected the Cisco routers together via an IPSEC tunnel and everything worked immediately.  Thanks to everyone that helped.  I'm sure we would have figured it out if we had the time.
0
 
LVL 4

Author Closing Comment

by:jplagens
ID: 38998443
Closing question.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This is an article about my experiences with remote access to my clients (so that I may serve them) and eventually to my home office system via Radmin Remote Control. I have been using remote access for over 10 years and have been improving my metho…
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now