Options

SDM VPN bug?

rewindrewind Member Posts: 40 ■■□□□□□□□□
in CCNP
I am trying to use SDM to set up a simple Site-to-Site VPN on a 3640. When I get to the screen with peer identiy and and authenticatin options, i choose "pre-shared keys". After entering all the info, I click next, but just get an hourglass icon and no response. This has happened on several differnt model routers for me. Can anybody please help!
· Share on FacebookShare on Twitter

Comments

  • Options
    dtlokeedtlokee Member Posts: 2,378 ■■■■□□□□□□
    Did you use the option to configure both sides? I don't remember the exact steps it takse you through but I could see it hanging if it's trying to configure a remote rotuer that is not accessable.
    The only easy day was yesterday!
    · Share on FacebookShare on Twitter
  • Options
    rewindrewind Member Posts: 40 ■■□□□□□□□□
    dtlokee wrote:
    Did you use the option to configure both sides? I don't remember the exact steps it takse you through but I could see it hanging if it's trying to configure a remote rotuer that is not accessable.

    Thanks for replying!

    I don't know about any option to configure both sides. Where is that located?

    Here's what I've done:

    Configure->VPN->Site-to-Site VPN->Create Site-to-Site VPN->Launch selected task->Step by step wizard->Next->Seleted interface, entered static peer identity, pre-shared key authentication, entered pre-shared key-> Next-> hang...

    The weird thing is, is that I can enter teh coresponding command "crypto isakmp key xxx peer x.x.x.x" in the cli with no problem. Also when configuring a GRE over IPsec tunnel, SDM let's me put in a preshared key with no hanging...
    · Share on FacebookShare on Twitter
  • Options
    mikej412mikej412 Member Posts: 10,086 ■■■■■■■■■■
    I just tried it -- with a dead peer -- and it worked fine. SDM 2.3.3 loaded on a laptop and a 3620 with IOS c3620-ik9o3s7-mz.123-17a.bin -- configuration looks fine.
    :mike: Cisco Certifications -- Collect the Entire Set!
    · Share on FacebookShare on Twitter
  • Options
    rewindrewind Member Posts: 40 ■■□□□□□□□□
    mikej412 wrote:
    I just tried it -- with a dead peer -- and it worked fine. SDM 2.3.3 loaded on a laptop and a 3620 with IOS c3620-ik9o3s7-mz.123-17a.bin -- configuration looks fine.

    Darn. Sucks for me then...

    I was originally trying this using dynagen with a 7206 running the latest 12.4 IOS for an ISCW lab. Thought the emulator was buggy so I pulled out a 3640 running a 12.2 IOS and a laptop with 12.5 SDM. Only thing is that the SDM isn't installed on the router, I'm running it from the laptop. Whats really weird is that after this I was able to do a GRE over IPsec lab just fine! icon_eek.gif I am confused since the GRE over IPsec using the same steps/protocols as the Site-to-Site (ie. the part where I have to enter a preshared key doesn't hang on me!)

    I hate it when labs don't work and I can't figure it out. It's gonna bug the heck outta me...

    Any tips on what I can do about this?
    · Share on FacebookShare on Twitter
Sign In or Register to comment.