Velocity Reviews

Velocity Reviews (http://www.velocityreviews.com/forums/index.php)
-   Cisco (http://www.velocityreviews.com/forums/f27-cisco.html)
-   -   Cannot send traffic out vpn tunnel (http://www.velocityreviews.com/forums/t716052-cannot-send-traffic-out-vpn-tunnel.html)

BluffPlace 02-25-2010 04:21 PM

Cannot send traffic out vpn tunnel
 
Hello
We have a Cisco 3030 vpn concentrator. I created 2 separate vpn tunnels which are up. I am receiving traffic from them, but I am not sending anything out. One of the remote sites has a peer address of 65.1.3.4 and their internal address is 192.168.101.x. How do I send traffic out. Below is a copy of my edge router config.

interface Tunnel0
description Primary-Zscaler-Tun
ip address 172.17.6.33 255.255.255.x ip mtu 1476
ip nat outside
tunnel source 151.8.2.6
tunnel destination 4.79.205.35

interface Ethernet0/0
ip address 65.1.5.2 255.255.255.x secondary
ip address 151.8.3.5 255.255.255.x
ip access-group 102 out
ip nat inside
ip route-cache policy
ip policy route-map Zscaler-redirect
duplex auto

interface Ethernet0/0.1

interface GigabitEthernet0/0
ip address 10.10.0.8 255.255.0.0
ip helper-address 10.100.91.5
negotiation auto
ipx network 7 encapsulation SAP
ipx gns-response-delay 1
ipx type-20-propagation

interface Serial1/0
description T3-18MB Verizon-ISP
ip address 208.4.2.0 255.255.255.x2
no ip redirects
no ip proxy-arp encapsulation ppp
no ip mroute-cache
ip policy route-map net-11
load-interval 30
scramble
framing c-bit
cablelength 10
dsu bandwidth 18948
no cdp enable

interface ATM2/0
no ip address
atm uni-version 3.1
no atm ilmi-keepalive

interface ATM2/0.1 point-to-point
bandwidth 75000
ip address 151.8.2.6 255.255.255.x
ip policy route-map net-11
pvc 1/57
vbr-nrt 10000 10000 100
encapsulation aal5sna

interface ATM2/0.5 point-to-point
bandwidth 145000
ip address 10.15.0.2 255.255.255.252
ip helper-address 10.100.91.5
ip policy route-map net-10
pvc obd 5/55
protocol ip 10.15.0.1 broadcast
vbr-nrt 145000 145000 1000
encapsulation aal5snap

ipx network A21

router eigrp 1
network 10.0.0.0
no auto-summary
no eigrp log-neighbor-changes

ip nat inside source route-map Zscaler interface Tunnel0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 151.8.2.5
ip route 10.70.1.1 255.255.255.255 10.60.1.2
ip route 10.70.1.2 255.255.255.255 10.60.1.2
no ip http server

ip access-list extended Zscaler
permit tcp any any eq www
permit tcp any any eq 443
permit tcp any any eq 389
access-list 102 permit ip any anyaccess-list 111 permit ip any any
access-list 112 permit ip any anyaccess-list 116 permit ip 65.1.5.0 0.0.0.31 any
access-list 117 permit ip 151.8.3.4 0.0.0.31 any

route-map Zscaler permit 10
match ip address Zscaler
set interface Tunnel0

route-map net-11 permit 11
set interface Ethernet0/0

route-map net-10 permit 10
match ip address 111
set ip next-hop 10.10.0.1

route-map Zscaler-redirect permit 10
match ip address Zscaler
set interface Tunnel0

route-map PBR1 permit 10
match ip address 116
set interface Serial1/0
set ip next-hop 208.4.2.9

route-map PBR1 permit 20
match ip address 117
set interface ATM2/0.1
set ip next-hop 151.8.2.5

gatekeeper
shutdown


All times are GMT. The time now is 12:43 PM.

Powered by vBulletin®. Copyright ©2000 - 2014, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.