Re: ipsec tunnel established but no pinging

psychogenic wrote:
I have a site-to-site vpn tunnel established between a 2600 router and
a Pix501 and both IKE and IPSEC tunnel shows up as established with no
errors. I can ping the endpoint IPs from both sides but we can not ping
each other's internal networks. The endpoint on my 2600 router is a
loopback inteface I created and I added a route so that any traffic
destined for that remote site should go through this interface. I don't
know what the problem is and I can't tell where the ping is failing.
Anyone shed any light on this? Is it the loopback interface that's
having the problem? I already have a vpn tunnel terminating to my
outside interface and want to avoid adding this other one to it as
well...


I would also assume that if you set your logging level to 7 and sent traffic across the tunnel your syslog would shoot some messages at you in regards to no translation for traffic x.x.x.x to y.y.y.y
Where x.x.x.x is your local subnet and y.y.y.y would be the remote subnet?

If so you need to exclude those subnets from performing NAT.

Google for NAT 0 and, also in another reply to this post I listed some items from your config to post.

HTH
.