Ping not OK when crypto map is enabled?

[hummer3331973]

Hi-

I've set-up a router-to-router (L2L, both Cisco) VPN using IPSec on my 2 sites. I can ping the outside serial IP add interface (where traffic is leaving the router) when crypto map is disabled but not when it's enabled?

Is this normal?

 

[burtsbees]

Correct. Is the VPN working properly?

Burt

 

[hummer3331973]

Actually not. Eventhough I enabled it ("crypto isakmp enable") I'm not seeing any activity on the debug window pertaining to this VPN ("debug crypto isakmp, debug crypto ipsec"). Anything I missed? Shown below is the crypto map:

Crypto Map "VPN" 30 ipsec-isakmp
Peer = 67.98.228.1
Extended IP access list 100
access-list 100 permit ip 172.17.7.0 0.0.0.255 10.200.0.0 0.0.0.255
access-list 100 permit ip 172.17.7.0 0.0.0.255 host 192.168.14.175
access-list 100 permit ip 172.17.5.0 0.0.0.255 10.200.0.0 0.0.0.255
access-list 100 permit ip 172.17.5.0 0.0.0.255 host 192.168.14.175
Current peer: 67.98.228.1
Security association lifetime: 4608000 kilobytes/3600 seconds
PFS (Y/N): Y
DH group: group3
Transform sets={
RTRB,
}
Interfaces using crypto map VPN:
Serial0/1

 

[burtsbees]

Pleaase post a sh run...

Burt