Problems with IP-SEC VPN through SOHO-96 ADSL router

Discussion in 'Cisco' started by r.villerius, Apr 19, 2006.

  1. r.villerius

    r.villerius Guest

    Hello,

    I have the following wish, I want to connect at home from my lan to my
    employers network. My employer has a Cisco VPN concentrator that works
    fine. First I had a speedtouch ADSL router no problem just connect with
    Freeswan VPN to the Cisco and it just worked.
    A week ago I replaced the Speedtouch with a Cisco SOHO 96 ADSL
    modem/router. I configured it and it worked, at least I thought it did.
    I discovered that I couldn't create A VPN tunnel through that modem.
    That means I can create a connection but when I actually want to do
    something through the tunnel I get the following lines into the console
    of my SOHO:
    1w2d: %CRYPTO-4-RECVD_PKT_INV_SPI: decaps: rec'd IPSEC packet has
    invalid spi for destaddr=<my local IP>, prot=50,
    spi=0x9442D3CB(-1807559733), srcaddr=<my employers IP>

    First I had some access-list issues but that I already solved (I can do
    a little bit by myself :) )

    Someone any idea what goes wrong and what the solution is, other than
    switching back to my Speedtouch.

    CU

    Roel
     
    r.villerius, Apr 19, 2006
    #1
    1. Advertisements

  2. Hello,

    I found the solution already.
    I have to tell my Cisco explicit that I have a IPSEC tunnel. This I have
    done with the following commands:
    ip nat inside source static esp <local client IP> interface Dialer1
    ip nat inside source static udp <local client IP> 500 interface Dialer1
    500

    That was the trick for me.

    CU

    Roel
     
    Roel Villerius, Apr 19, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.