Saturday 6 August 2016

DMVPN Common Issues

  1. Ping from the hub to the spoke and vice versa
    These pings should go directly out the physical interface, not through the DMVPN tunnel.  Checking routing and firewall if this is not working
  2. Do a check on Traceroute
  3. Use the debug and show commands to verify no connectivity:
  4. Verify for incompatible ISAKMP policy
  5. Verify for incorrect pre-shared key secret- will throw sanity check failed if PSK mismatch during  debugging
  6. If the IPsec transform-set is not compatible or mismatched ,atts not acceptable will be seen during debgging
  7.  Check GRE tunnel is functional removing ipsec