Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Problems with IP-SEC VPN through SOHO-96 ADSL router

Reply
Thread Tools

Problems with IP-SEC VPN through SOHO-96 ADSL router

 
 
r.villerius@gmail.com
Guest
Posts: n/a
 
      04-19-2006
Hello,

I have the following wish, I want to connect at home from my lan to my
employers network. My employer has a Cisco VPN concentrator that works
fine. First I had a speedtouch ADSL router no problem just connect with
Freeswan VPN to the Cisco and it just worked.
A week ago I replaced the Speedtouch with a Cisco SOHO 96 ADSL
modem/router. I configured it and it worked, at least I thought it did.
I discovered that I couldn't create A VPN tunnel through that modem.
That means I can create a connection but when I actually want to do
something through the tunnel I get the following lines into the console
of my SOHO:
1w2d: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has
invalid spi for destaddr=<my local IP>, prot=50,
spi=0x9442D3CB(-1807559733), srcaddr=<my employers IP>

First I had some access-list issues but that I already solved (I can do
a little bit by myself )

Someone any idea what goes wrong and what the solution is, other than
switching back to my Speedtouch.

CU

Roel

 
Reply With Quote
 
 
 
 
Roel Villerius
Guest
Posts: n/a
 
      04-19-2006
Hello,

I found the solution already.
I have to tell my Cisco explicit that I have a IPSEC tunnel. This I have
done with the following commands:
ip nat inside source static esp <local client IP> interface Dialer1
ip nat inside source static udp <local client IP> 500 interface Dialer1
500

That was the trick for me.

CU

Roel



On Wed, 19 Apr 2006 01:09:43 -0700, r.villerius wrote:

> Hello,
>
> I have the following wish, I want to connect at home from my lan to my
> employers network. My employer has a Cisco VPN concentrator that works
> fine. First I had a speedtouch ADSL router no problem just connect with
> Freeswan VPN to the Cisco and it just worked.
> A week ago I replaced the Speedtouch with a Cisco SOHO 96 ADSL
> modem/router. I configured it and it worked, at least I thought it did.
> I discovered that I couldn't create A VPN tunnel through that modem.
> That means I can create a connection but when I actually want to do
> something through the tunnel I get the following lines into the console
> of my SOHO:
> 1w2d: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has
> invalid spi for destaddr=<my local IP>, prot=50,
> spi=0x9442D3CB(-1807559733), srcaddr=<my employers IP>
>
> First I had some access-list issues but that I already solved (I can do
> a little bit by myself )
>
> Someone any idea what goes wrong and what the solution is, other than
> switching back to my Speedtouch.
>
> CU
>
> Roel


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
adsl router to adsl router czar Cisco 2 05-01-2007 05:42 AM
Publishing internal VPN Server through a Cisco 827 ADSL Router AngeL_VenjadoR Cisco 3 01-29-2007 08:58 AM
(router + adsl modem) versus (router with built in adsl modem) LincolnShep Wireless Networking 3 11-08-2006 03:17 PM
Config for cisco 1841 with one adsl for internet and one adsl for vpn jmf@iutbayonne.univ-pau.fr Cisco 0 10-29-2006 08:31 AM
IPSec VPN problem with a CISCO C827 ADSL Router and a Nortel Contivity VPN Client mw Cisco 2 04-20-2005 08:18 PM



Advertisments