Hi , i want to connect my two branches through private network everything fine with me my all configuration are the same that I did it before and i have less more experience of Cisco PIX especially with VPN Tunneling even checking a lot , my connection can not be establish i receive below error
crypto_isakmp_process_bloc
k:src:X.X.
X.X, dest: X.X.X.X spt:500 dpt:500
ISAKMP (0): processing NOTIFY payload 36136 protocol 1
spi 0, message ID = 2604767052
ISAMKP (0): received DPD_R_U_THERE from peer X.X.X.X
ISAKMP (0): sending NOTIFY message 36137 protocol 1
return status is IKMP_NO_ERR_NO_TRANS
does any one have idea !!
here is my configuration same at the both end .
: Saved
:
PIX Version 6.3(5)
interface ethernet0 auto
interface ethernet1 auto
interface ethernet2 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 ATM_inside security10
enable password uYELWLtW6XPc5Wlp encrypted
passwd xV3F85YWcDj64GO7 encrypted
hostname Shahrenaw
domain-name aib.af
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list 101 permit ip 192.168.252.0 255.255.255.0 192.168.0.0 255.255.255.0
access-list 100 permit icmp any any echo-reply
pager lines 24
logging on
logging history notifications
icmp permit any outside
icmp permit any echo-reply outside
icmp permit any inside
icmp permit any echo-reply inside
mtu outside 1500
mtu inside 1500
mtu ATM_inside 1500
ip address outside 10.0.0.186 255.255.255.248
ip address inside 192.168.252.1 255.255.255.0
ip address ATM_inside 10.210.10.30 255.255.255.252
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
nat (inside) 0 access-list 101
nat (inside) 1 192.168.252.0 255.255.255.0 0 0
nat (ATM_inside) 0 access-list 102
route outside 0.0.0.0 0.0.0.0 10.0.0.185 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout sip-disconnect 0:02:00 sip-invite 0:03:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local
http 192.168.252.0 255.255.255.0 inside
http 10.210.10.0 255.255.255.248 ATM_inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt connection permit-ipsec
crypto ipsec transform-set KABAIB esp-3des esp-md5-hmac
crypto map KABAIBMAP 4 ipsec-isakmp
crypto map KABAIBMAP 4 match address 101
crypto map KABAIBMAP 4 set peer X.X.X.X
crypto map KABAIBMAP 4 set transform-set KABAIB
crypto map KABAIBMAP interface outside
isakmp enable outside
isakmp key ******** address X.X.X.X netmask 255.255.255.240
isakmp identity address
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption 3des
isakmp policy 1 hash md5
isakmp policy 1 group 2
isakmp policy 1 lifetime 86400
telnet timeout 5
ssh X.X.X.X 255.255.255.240 outside
ssh X.X.X.X 255.255.255.248 outside
ssh 192.168.0.0 255.255.0.0 inside
ssh 10.210.0.0 255.255.255.248 inside
ssh 10.210.0.0 255.255.0.0 inside
ssh timeout 60
console timeout 0
terminal width 80
Cryptochecksum:26d28d2f40d
5ab9d2ce19
3701844118
a
: end
Start Free Trial
