When you ping between two IPSec routers, you are verifying you have connectivity between these routers and that at a minimum, Internet Control Message Protocol (ICMP) echo packets are not filtered. But, because of ever-increasing security concerns in corporate networks, only traffic that is required into the corporate network is permitted, and all other types of traffic are filtered. When running IPSec in your environment, you must be sure that IPSec traffic itself is not filtered. To verify this fact, you must make sure the following protocols are not filtered between the two IPSec peers.
|