Multiple VPN tunnels

Posted on 2005-04-12
Last Modified: 2013-11-16
I have a PIX 515E connecting to a LANROVER and multiple Linksys VPN devices.  The Linksys devices are making mutiple tunnel connections to my PIX.  When I do a show isakmp sa, I will see one connection for the lanrover.  One connection for a PIX 501 I have somewhere and then for each of the Linksys devices I am seeing upwards of 100 connections.  Eventually All tunnels seems to fails and I have to clear isakmp sa and then we are fine for a while.

ANy ideas?
Question by:snowsurfer
    LVL 12

    Expert Comment

    You may want to take this up with Cisco since they produce both the Linksys and PIX.

    In my experience, Linksys VPN devices only work with other Linksys VPN devices and that's it.

    I don't believe that Linksys has taken the time to get their VPN devices ISCA IPSec certified:
    Previous cert--
    Current cert--

    This is a standards body that certifies interoperable IPSec VPN equipment. No mention of Linksys which is a consumer-grade VPN device.

    You've sadly stumbled upon IPSec's dirty little secret that vendor-to-vendor, IPSec may have varying implementations that do not operate with another vendor technology.
    LVL 5

    Author Comment

    answered on my own.  Turned off keep alives on Linskys devices

    Accepted Solution

    Closed, 500 points refunded.

    Community Support Moderator

    Featured Post

    Looking for New Ways to Advertise?

    Engage with tech pros in our community with native advertising, as a Vendor Expert, and more.

    Join & Write a Comment

    Suggested Solutions

    Title # Comments Views Activity
    iptables question 3 70
    Opening Port 80 10 56
    assessing firewall rules 3 66
    Unblock IP Address in Sonicwall 3 59
    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    This video is in connection to the article "The case of a missing mobile phone (". It will help one to understand clearly the steps to track a lost android phone.
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    731 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    17 Experts available now in Live!

    Get 1:1 Help Now