On 2015-07-10, Motty Cruz <[email protected]> wrote: > Hello, > > I have a gateway machine OpenBSD 5.5 that won't not initiate connection > to peer. The one way to establish VPN tunnel is if peer ping IP in my > subnet.
isakmpd usually tries to bring up the connection as soon as it's configured, but perhaps this negotiation is failing, maybe due to a firewall rule somewhere on/near the cisco side? Last time I setup a VPN with a cisco device, it only brought up the tunnel from their side on-demand, so if the initiation from isakmpd side fails, it might rely on network traffic from the peer's side to bring it up.
