Improve company productivity with a Business Account.Sign Up

x
?
Solved

need to remove a lan-to-lan vpn on pix 515e

Posted on 2006-07-11
6
Medium Priority
?
458 Views
Last Modified: 2010-03-19
I need to remove (1) lan-to-lan vpn from a pix 515e with multible lan-to-lan vpns configured.
0
Comment
Question by:tebone68
  • 3
  • 2
6 Comments
 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17087180
can you post a limited show run so we can tell you what ACL and Crypto map to remove?

Thanks
Scott
0
 
LVL 4

Expert Comment

by:johanvz1
ID: 17088762
Hi,

Easiest way is to login on the Web GUI Interface click on VPN or PPTP or what type of vpn is it will show you what you have click on it and delete the rule.However make sure the computer you want to open the firewall from has access to it via reserved IP address or MAC that is the easiest especially if you do not really have experience on firewalls.

Regards,

Johan
0
 

Author Comment

by:tebone68
ID: 17091978
I have never used the GUI for a pix. I was under the impression that you had to do a clear isakmp key and then put the remaining sites back in with the pre-shared keys that are associated with them? The problem is the client doesn't have the keys. I have heard if I do a write net the keys will show up in clear text?
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
LVL 12

Expert Comment

by:Scotty_cisco
ID: 17092352
not sure on the write net part of the question but I do know that the isakmp key if you changed that on all the sites and then reconfigured it locally to a new key that the one site would be dropped.  I would still delete the rules if you can a partial show run would help explain this.

Thanks
Scott
0
 

Author Comment

by:tebone68
ID: 17092395
I'm not onsite right now so I can't get that show run for you. It would have been nice if Cisco would have allowed a "no isakmp key" command to get ride of connections an easy way.

0
 
LVL 12

Accepted Solution

by:
Scotty_cisco earned 750 total points
ID: 17092423
yes it would .... think that will be an option in the new 7.x code.

Thanks
Scott
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

As managed cloud service providers, we often get asked to intervene when cloud deployments go awry. Attracted by apparent ease-of-use, flexibility and low computing costs, companies quickly adopt leading public cloud platforms such as Amazon Web Ser…
LinkedIn blogging is great for networking, building up an audience, and expanding your influence as well. However, if you want to achieve these results, you need to work really hard to make your post worth liking and sharing. Here are 4 tips that ca…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question