*%CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet *usually comes when the IOS is expecting for IPSec packet but then it sees the traffic in clear text.
Seems your PBR is changing the normal routing and pushing it into IPSec path. Just a guess. With regards Kings On Sun, Oct 3, 2010 at 3:32 AM, Pemasiri Devanarayana <[email protected]>wrote: > Hi > > I have configured PBR to block ICMP with packet size 500 from Frame cloud > to R4 inside interface. However on R4 is also configured as ezvpn client. I > have the following configuration > on R4 inside and outside interfaces > > interface FastEthernet0/0 > ip address 192.1.40.4 255.255.255.0 > duplex auto > speed auto > crypto ipsec client ezvpn ABC inside > ! > interface Serial0/0/0 > crypto ipsec client ezvpn ABC > service-policy type access-control input PM-AC2 > ip policy route-map mymap > > After I configured PBR on R4 I tried to ping R4 inside ip (192.1.40.4) I > could and got the following error: > Oct 2 21:44:10.451: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Rec'd packet not an > IPSEC packet. (ip) vrf/dest_addr= /192.1.40.4, src_addr= 192.1.24.2, prot= > 1 > > However when I removed the crypto map on s0/0/0, I can ping to R4 > (192.1.40.4). Can some one advise me what is the issue here??. > > thanks > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
