Problem in IPsec
Usman Ali Butt Nov 22, 2011 1:46 AM
I'm making an IPsec tunnel between a Cisco 1841 router with a Cisco 3G card (HWIC 3G HSPA) and a GX400 AirLink device. Please find the network diagram attached.
The configuration on the Cisco side is as under:
Router#show running-config
Building configuration...
Current configuration : 1962 bytes
!
! Last configuration change at 09:20:52 UTC Tue Nov 22 2011
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
dot11 syslog
ip source-route
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
chat-script gsm "" "ATDT*98*1#" TIMEOUT 60 "CONNECT"
crypto pki token default removal timeout 0
!
!
!
!
license udi pid CISCO1841 sn FHK142576NU
!
redundancy
!
!
controller Cellular 0/0
!
!
!
crypto isakmp policy 1
encr aes
authentication pre-share
group 2
lifetime 7200
crypto isakmp key cisco address 10.241.144.2
!
!
crypto ipsec transform-set tset esp-aes esp-sha-hmac
!
crypto map smap 1 ipsec-isakmp
set peer 10.241.144.2
set security-association lifetime seconds 7200
set transform-set tset
set pfs group2
match address 101
!
!
!
!
!
interface FastEthernet0/0
ip address 192.168.5.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Cellular0/0/0
ip address negotiated
ip virtual-reassembly in
encapsulation ppp
dialer in-band
dialer string gsm
dialer-group 1
async mode interactive
ppp authentication pap callin
ppp eap refuse
ppp chap refuse
ppp ms-chap refuse
ppp ms-chap-v2 refuse
ppp ipcp dns request
crypto map smap
!
interface Cellular0/0/1
no ip address
encapsulation ppp
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 0.0.0.0 0.0.0.0 Cellular0/0/0
!
logging esm config
access-list 101 permit ip 192.168.5.0 0.0.0.255 any
dialer-list 1 protocol ip permit
!
!
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line 0/0/0
exec-timeout 0 0
script dialer gsm
modem InOut
no exec
rxspeed 7200000
txspeed 2000000
line 0/0/1
no exec
rxspeed 7200000
txspeed 2000000
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end
The configuration on the other device, the GX400, is attached. After the configuration the IPsec tunnel comes up and I can ping both the GX400 local IP address 192.168.2.1 and the device IP 192.168.2.54, but from the device attached to the GX400 I can ping only my router's local address 192.168.5.1; I cannot ping 192.168.5.2.
Ping from client attached to Cisco router:
ping 192.168.2.1 (Successful)
ping 192.168.2.54 (Successful)
Ping from client attached to GX400:
ping 192.168.5.1 (Successful)
ping 192.168.5.2 (Fail)
I think some route is missing on the Cisco router. Can you please guide me on what is most probably the reason for this ping failure?
Best Regards
Usman
Attachment: conf on GX400.png (76.5 K)