Step 4Ensure That the Network Works

© 2004 Cisco Systems, Inc. All rights bcran v2.1—5-10

© 2004 Cisco Systems, Inc. All rights bcran v2.1—5-10

Basic connectivity between peers must be checked before you begin configuring IPSec.

The router ping command can be used to test basic connectivity between IPSec peers. While a successful Internet Control Message Protocol (ICMP) echo (ping) will verify basic connectivity between peers, you should ensure the network works with any other protocols or ports you want to encrypt, such as Telnet, FTP, or SQL*NET before beginning IPSec configuration.

After IPSec is activated, basic connectivity troubleshooting can be difficult because the security configuration may mask a more fundamental networking problem. Previous security settings could result in no connectivity.

Note The ping command may be limited by access lists.

0 0

Post a comment