Wednesday, December 19, 2018

UDP IP SLA not working over IPSEC VPN

I'm trying to test the quality of an IPSEC VPN connection before attempting to move voice traffic onto it. The VPN is already being used for replication traffic between two server clusters. The IPSEC tunnel is configured between two WatchGuard firewalls. I'm trying to configure the IP SLA between Cisco 3750X switch stacks on each network. The icmp-echo IP SLA is working fine, but udp-jitter is not. udp-echo didn't work either.

I'm trying to keep the config simple to start, so I have what I think is the bare minimum:

Remote site:

ip sla 50
 udp-jitter 192.168.0.40 5000 source-ip 192.168.0.50 source-port 5000
ip sla schedule 50 life forever start-time now
ip sla 70
 icmp-echo 192.168.0.40 source-interface Loopback50
 frequency 10
ip sla schedule 70 life forever start-time now

Primary site:

ip sla responder 

Result:

IPSLAs Latest Operation Summary

ID           Type        Destination       Stats       Return      Last
                                           (ms)        Code        Run
-----------  ----------  ---------------   ------      ----------  -----------------
*50          udp-jitter  192.168.0.40      -           No connect  20 seconds ago
                                                       ion
*70          icmp-echo   192.168.0.40      RTT=9       OK          2 seconds ago

I don't know enough about IP SLAs to be sure this isn't a configuration problem, so I wanted to run it by here first to see.

If the config looks good, could this be an IPSec problem, despite other traffic passing without issue?


