Hi,
I've a problem in setting up a VPN tunnel. It is possible to send
encrypted traffic from local to remote side, but the remote side is
unable to access the local server.
The traffic selection for the crypto map looks like this:
Local config:
crypto map outside_map 160 match address outside_160_cryptomap
crypto map outside_map 160 set peer a.b.c.d
crypto map outside_map 160 set transform-set ESP-3DES-SHA
crypto map outside_map 160 set security-association lifetime seconds 3600
crypto map outside_map interface outside
....
access-list outside_160_cryptomap extended permit ip host <mylocalhostip> host <remotehostip>
access-list outside_160_cryptomap extended permit icmp any host <mylocalhostip>
Remote config:
access-list 123 permit ip host <mylocalhostip> host <remotehostip>
access-list 123 permit icmp any host <mylocalhostip>
Sending data from <mylocalhostip> to <remotehostip> is working. But when
trying to do a PING from one of the remote networks, I always get this
in the log:
Rejecting IPSec tunnel: no matching crypto map entry for remote proxy 0.0.0.0/0.0.0.0/1/0 local proxy <mylocalhostip>/255.255.255.255/1/0 on interface outside
But as I understand, exactly this traffic is selected by my local
access-list, isn't it?
Regards
Markus
Markus | 7/9/2009 3:08:40 PM
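
Added example, not part of Markus's post and not vendor code: a simplified model of how the proxy identities in the log line above are compared with the posted crypto access-list. It assumes the device reads each entry's source as the local proxy and its destination as the remote proxy, and accepts a proposal that an entry covers; the two addresses and the mirrored entry are constructed stand-ins.

```python
import ipaddress

PROTO = {"ip": 0, "icmp": 1}  # protocol field as printed in the log (0 = any IP)

def _addr(tokens):
    """Consume one address spec ('any' or 'host A.B.C.D') from the token list."""
    kind = tokens.pop(0)
    if kind == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if kind == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    raise ValueError("unsupported address spec: " + kind)

def parse_ace(line):
    """Return (proto, source, destination) for an 'extended permit' entry."""
    tokens = line.split()
    tokens = tokens[tokens.index("permit") + 1:]
    proto = PROTO[tokens.pop(0)]
    return proto, _addr(tokens), _addr(tokens)

def matching_entry(acl_lines, proposal):
    """proposal = (proto, local_proxy, remote_proxy) as seen by the local device."""
    p_proto, p_local, p_remote = proposal
    for line in acl_lines:
        proto, src, dst = parse_ace(line)
        if proto in (0, p_proto) and p_local.subnet_of(src) and p_remote.subnet_of(dst):
            return line
    return None  # corresponds to "no matching crypto map entry"

LOCAL = "192.0.2.10"      # constructed stand-in for <mylocalhostip>
REMOTE = "198.51.100.20"  # constructed stand-in for <remotehostip>
POSTED_ACL = [
    f"access-list outside_160_cryptomap extended permit ip host {LOCAL} host {REMOTE}",
    f"access-list outside_160_cryptomap extended permit icmp any host {LOCAL}",
]
# Constructed comparison entry: same traffic, written with the local host as source.
MIRRORED_ACE = f"access-list outside_160_cryptomap extended permit icmp host {LOCAL} any"
# From the log: remote proxy 0.0.0.0/0.0.0.0/1/0, local proxy <mylocalhostip>/255.255.255.255/1/0
PROPOSAL = (1, ipaddress.ip_network(LOCAL + "/32"), ipaddress.ip_network("0.0.0.0/0"))

if __name__ == "__main__":
    print("posted ACL      :", matching_entry(POSTED_ACL, PROPOSAL))
    print("with mirror entry:", matching_entry(POSTED_ACL + [MIRRORED_ACE], PROPOSAL))
```

Under this model the posted icmp entry describes the local side as "any" and the remote side as the local host, which is the reverse of what the peer proposes.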