Sorry , the problem that we are having it's that in order to establish the vpn tunnel between the networks the cisco side needs to send traffic to the private IP behind the VR. Cause the VPN is up but traffic it's not passing till the cisco side send the first packet.
I believe that the keep-alive on cisco side it's just for the VPN to establish not for the Phase II network traffic to pass. Thanks. Cordialmente, Yesid Mora | Orchestration Engineer | O4IT PBX: 251 Ext +57 (1) 423-5460 | Cel: 3124509565 Cr. 7 #74-56 | Oficina 202 | Bogotá, Colombia http://www.o4it.com | mailto:ym...@o4it.com -----Original Message----- From: Simon Weller [mailto:swel...@ena.com] Sent: Tuesday, January 19, 2016 12:01 PM To: users@cloudstack.apache.org Subject: Re: CloudStack - Virtual Router You could set a periodic keep-alive on the cisco side. Try something like this: crypro isakmp keepalive 10 5 periodic - Si ________________________________ From: Yesid Mora <ym...@o4it.com> Sent: Tuesday, January 19, 2016 10:44 AM To: users@cloudstack.apache.org Subject: CloudStack - Virtual Router Hello guys, I'm having a problem with a IPSEC vpn between a Cisco and my Virtual router, cause in order to start the traffic on the tunnel the Cisco side needs to send traffic first to my site and then I can ping the Cisco site, Something like this. Virtual router site IP 10.10.20.0/24 Cisco site IP 10.10.30.0/24 So the tunnel is up but in order to pass traffic first the cisco site needs to send a ping to my site after that the tunnel works just perfect. Thanks. Cordialmente / Best regards, Yesid Mora | Orchestration Engineer | O4IT PBX:+57 (1) 423-5460 Ext 251 | Cel: 3124509565 Cr. 7 #74-56 | Oficina 202 | Bogotá, Colombia www.o4it.com<http://www.o4it.com> [http://o4it.com/wp-content/uploads/featured-slider-1.jpg]<http://www.o4it.com/> O4IT - THE CLOUD ENABLER<http://www.o4it.com/> www.o4it.com We are a leading provider of Cloud Technologies, focused on providing the technology and best practices to enable channel partners and resellers to quickly deliver ... | ym...@o4it.com<mailto:ym...@o4it.com> [http://www.o4it.com]<http://www.o4it.com>[http://www.linkedin.com/company/1207504]<http://www.linkedin.com/company/1207504>[https://twitter.com/o4it]<https://twitter.com/o4it>[https://www.facebook.com/o4itofficial]<https://www.facebook.com/o4itofficial>[https://www.youtube.com/user/o4itofficial]<https://www.youtube.com/user/o4itofficial> CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential or proprietary information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, immediately contact the sender by reply e-mail and destroy all copies of the original message.
