Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


VPN Help.

Posted on 2006-11-17
Medium Priority
Last Modified: 2013-11-16
I am working on building a site to site vpn between a pix 506 and a cisco vpn box however am having some trouble getting the tunnel setup. What are some troubleshooting tips?
Question by:af500
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
LVL 79

Expert Comment

ID: 17971929
Make sure that both ends match:
Start with output of "show cry is sa" - look for QM_IDLE
MM_NO_STATE is problems with ISAKMP phase I
   check pre-shared keys
   check peer IP address
   check transform sets match, ie. 3des/md5/group 2
   check timeouts match
   enable/disable keepalive both sides

"show cry ip sa" look for error packets, one-way communications (decrypts but no encrypts, or encrypts but no decrypts)  
Access-lists to define the VPN traffic (local lan) - (remote lans) are mirror images both sides

Author Comment

ID: 17982986
double-checked all ipsec & isakmp paramaters...

show cry ip sa - I'm not seeing any traffic...

my network is 192.168.1.xxx however the IP range I have to use is 192.168.10.xxx - something else on the pix need to be changed?
LVL 79

Expert Comment

ID: 18107902
Are you still working on this? Have you found a solution?
Sorry about not getting back around to this Q . .
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.


Author Comment

ID: 18230196
I ended up having to upgrade the IOS to the latest to resolve this.

Author Comment

ID: 18230354

Accepted Solution

Computer101 earned 0 total points
ID: 18256712
PAQed with points refunded (90)

EE Admin

Featured Post

Cyber Threats to Small Businesses (Part 1)

This past May, Webroot surveyed more than 600 IT decision-makers at medium-sized companies to see how these small businesses perceived new threats facing their organizations.  Read what Webroot CISO, Gary Hayslip, has to say about the survey in part 1 of this 2-part blog series.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Want to learn how to record your desktop screen without having to use an outside camera. Click on this video and learn how to use the cool google extension called "Screencastify"! Step 1: Open a new google tab Step 2: Go to the left hand upper corn…
Suggested Courses

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question