I am in lab now
VRF aware EzVPN
I have connected vpn client from XP and the tunnel is up. From the client, I
am trying to ping to 7.7.17.7 i.e., the loopack interface that is in VRF
SITE1.
The ping fails. On the client side I see encrypted traffic and on R7, I see
decrypted. But the reply is not going back.
Snippet O/Ps
R7# sh ip route vrf SITE1
C 7.7.17.0/24 is directly connected, Loopback17
S 7.7.17.102/32 [1/0] via 192.1.49.100, Virtual-Access2
R7#sh crypto ip
R7#sh crypto ipsec sa
interface: Virtual-Access2
Crypto map tag: Virtual-Access2-head-4, local addr 192.1.73.7
protected vrf: SITE1
local ident (addr/mask/prot/port): (0.0.0.0/0.0.0.0/0/0)
remote ident (addr/mask/prot/port): (7.7.17.102/255.255.255.255/0/0)
current_peer 192.1.49.100 port 1112
PERMIT, flags={origin_is_acl,}
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
#pkts decaps: 7, #pkts decrypt: 7, #pkts verify: 7
Any idea?
With regards
Kings
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
