I have three routers: R1, R2 and R3. Routers R1 and R2 are running a site-to-site VPN and R3 is running as ZBF.
Before ZBF, the site-to-site VPN was working. When ZBF is configured, the site-to-site VPN is not working.
I inspect UDP traffic in ZBF but it is not working properly. My ZBF configuration is below:
1. ip access-list ex esp
    permit esp any any
2. class-map type inspect match-any isakmp-class
    match protocol udp
    match access-group name esp
3. policy-map type inspect isakmp-policy
    class type inspect isakmp-class
     inspect
    class class-default
     drop log
4. zone-pair security in2out source inside destination outside
    service-policy type inspect isakmp-policy
   zone-pair security out2in source outside destination inside
    service-policy type inspect isakmp-policy