Greetings from the CCNA Forum - Help Needed

mattsthe2mattsthe2 Member Posts: 304
Hi Guys,

I'm actually going for my CCNA but i need to call upon your expertise with a problem that im having that goes beyond a CCNA.

We have a 1821 router that we use as a backup router incase our primary goes down.
Hanging off of this router is a DSL connection. We connect the 1821 to a Cable modem which we then get internet services from a local ISP.

We then have some form of an IPSec Tunnel to our MPLS Provider.

Last week we had a power failure, im not sure if thats related but now the router is not routing traffic. We have confirmed that DSL connection is up and running but i believe there is something wrong with the IPSec Tunnel.

If i do a sh ip route all i see is connected and static routes no OSPF routes.

I am getting this from the console also.
*Aug 28 12:44:03.808: %CRYPTO-4-RECVD_PKT_NOT_IPSEC: Recd packet not an IPSEC packet.
(ip) vrf/dest_addr= /71.83.3.2, src_addr= 71.83.213.3, prot= 6


I called our MPLS Providers and they would like me to "bounce the IPSec Tunnel" and i have no idea on how to do that. Any ideas?


If you could shed some light on this I'd appreicate it.

Thanks,

Comments

  • dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    That problem is common when the ACLs that are applied to your crypto map are not mirror images of one another on each end. Basically you are receiving a packet that is expected to be encrypted, I would look at the ACLs used.
    The only easy day was yesterday!
  • mattsthe2mattsthe2 Member Posts: 304
    Thanks for the reply.

    There is only two ACL on that router both are for for SRST for Call manager. Non of them is applied to the CRYPTO MAP.


    The config really hasnt changed...

    How do i bounce the IPSec tunnel like the tech is suggesting?
Sign In or Register to comment.