IPSec VPN issue in Procurve 7102dl router

 
vamsikrushna
Advisor


!
! ProCurve Secure Router 7102dl SROS version J08.03
! Boot ROM version J05.02
! Platform: ProCurve Secure Router 7102dl, part number J8752A
! Serial number US521TR232
! Flash: 33554432 bytes  DRAM: 134217727 bytes
! Date/Time: Thu Sep 23 2010, 18:31:47 GMT+05:30
!
!

!
clock timezone +5:30
clock no-auto-correct-DST
!
ip subnet-zero
ip classless
ip domain-name "csilhyd1.com"
ip name-server 203.123.176.65 203.123.128.70 4.2.2.2
ip routing
!
event-history on
no logging forwarding
no logging email
logging email priority-level info
!
no service password-encryption
!

!
!
ip firewall
no ip firewall alg msn
no ip firewall alg h323
!
!
!
!
!
!
no autosynch-mode
no safe-mode
!
!
!
!
!
!
!
ip crypto
!
crypto ike policy 10
  initiate main
  respond anymode
  local-id address wan ip address
  nat-traversal v1 disable
  nat-traversal v2 disable
  peer x.x.x.x
  attribute 1
    encryption 3des
    hash md5
    authentication pre-share
    group 5
!
crypto ike remote-id address x.x.x.x preshared-key 40NetHp ike-policy 10 crypto map vpn_traffic 10 no-mode-config no-xauth nat-t v1 disable nat-t v2 disable
!
crypto ipsec transform-set compugain esp-3des esp-sha-hmac
  mode tunnel
!
crypto map vpn_traffic 10 ipsec-ike
  match address lan_traffic
  set peer x.x.x.x
  set transform-set compugain
  ike-policy 10
!
!
!
interface eth 0/1
  description PACNET
  speed 100
  ip address  Wan Ip Address
  access-policy Public
  crypto map vpn_traffic
  no shutdown
!
!
interface eth 0/2
  description LAN
  speed 100
  ip address  172.32.1.252  255.255.255.0
  access-policy Private
  no shutdown
!
!
!
!
!
!
!
!
!
!
ip access-list standard wizard-ics
  remark Internet Connection Sharing
  permit any
!
!
ip access-list extended Allow_Remote
  permit tcp any  any eq https 
  permit tcp any  any eq telnet 
  permit tcp any  any eq ssh 
  permit icmp any  any   
  permit ip any  any   
!
ip access-list extended lan_traffic
  permit ip 172.32.1.0 0.0.0.255  11.0.0.0 0.255.255.255  
!
ip access-list extended self
  remark Traffic to ProCurve SR
  permit ip any  any     log
!
ip policy-class Private
  allow list self self
  nat source list wizard-ics interface eth 0/1 overload
!
ip policy-class Public
  allow list Allow_Remote
  allow reverse list lan_traffic stateless
!
!
!
ip route 0.0.0.0 0.0.0.0 203.123.158.37
ip route 65.242.116.192 255.255.255.224 203.123.158.37
!
no ip tftp server
no ip tftp server overwrite
ip http server
ip http secure-server
no ip snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
!
!
!
!

ip sip

ip sip proxy

!

!


line ssh 0 4
  login local-userlist
  no shutdown
!
!
end

Hi,

I need support on the ProCurve 7102dl router for a site-to-site VPN config. I am trying to establish a site-to-site VPN between the router and a SonicWall firewall. The VPN tunnel is up, but traffic is not going from the router to the LAN subnets of the firewall. Traffic from behind the LAN subnets of the SonicWall is going to the router's LAN users.

The same scenario is tested with a FortiGate firewall; the result is the same.

Can anyone help with this?

Please find the attachment.

Regards,

vamsi.

1 REPLY
eshorkey
New Member

Re: IPSec VPN issue in Procurve 7102dl router

I'm experiencing this exact problem as well.

HP 7102dl and SonicWALL NSA 3500. Tunnel is up, can pass icmp traffic from either side just fine, but tcp sessions only work from Remote -> Local. The local side is unable to pass any tcp traffic to the remote network over the tunnel.

 

Did you find a solution for this yet? It's driving me crazy.