EZVPN Remote user Cisco 877 - UC520

Hi, I am trying to set up a remote user who has a Cisco 877W DSL router to connect to his UC520 in his office.

I have been playing around with the VPN and I can manually establish the connection from the console of the 877 at which point the wireless 7921 phone happily connects in and works fine. However I need this to be automatic, so if the connection drops it automatically brings it back up again.

The other problem is that as soon as the VPN comes up, all traffic is sent down it, and this is then causing web browsing issues! Ideally, I only want traffic that is for the office network to be sent down the VPN.

Has anyone set this up before, and if so, could you provide me a config so that I can try and work out what I am doing wrong!...

Thanks

Trev.

It sounds like you didn't put an access-list in place to prevent all traffic from going down the tunnel. Make sure your NATing access-list has a deny statement at the beginning to prevent VPN traffic from being NATed. Also, make sure your crypto map is applied on the outside interface.

On second thought, your issue may be that you forgot the access list on the crypto map telling it which traffic to send over the VPN, like this:

crypto map vpn 1 ipsec-isakmp
 set peer x.x.x.x
 set transform-set vpntrans
 ! this ACL:
 match address 103

where ACL 103 would be:

access-list 103 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
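The NAT exemption and crypto ACL described in the reply above, put together as an added example that is not part of the original post. It assumes 192.168.2.0/24 is the LAN behind the 877 and 192.168.1.0/24 is the office LAN (as in ACL 103); the ACL number 110 and the interface names Vlan1 and Dialer0 are assumptions.

```cisco
! Assumed: 192.168.2.0/24 = LAN behind the 877, 192.168.1.0/24 = office LAN
! Assumed names: ACL 110, Vlan1 (inside), Dialer0 (outside DSL interface)

! Crypto ACL: only traffic for the office network is encrypted.
! Anything that does not match goes out to the Internet normally.
access-list 103 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

! NAT ACL: the deny must come first. ACLs are evaluated top-down, so a
! permit placed above it would translate office-bound packets, and they
! would then no longer match ACL 103 and never enter the tunnel.
access-list 110 deny   ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 110 permit ip 192.168.2.0 0.0.0.255 any

ip nat inside source list 110 interface Dialer0 overload

interface Vlan1
 ip nat inside
!
interface Dialer0
 ip nat outside
 ! The crypto map is applied on the outside interface
 crypto map vpn
```

After the tunnel is up, `show access-lists 110` should show hits on the deny line for office-bound traffic, and `show crypto ipsec sa` should show the encaps/decaps counters increasing only for the 192.168.2.0/24 to 192.168.1.0/24 flow.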
