?
Solved

VPN Help.

Posted on 2006-11-17
8
Medium Priority
?
293 Views
Last Modified: 2013-11-16
I am working on building a site to site vpn between a pix 506 and a cisco vpn box however am having some trouble getting the tunnel setup. What are some troubleshooting tips?
0
Comment
Question by:af500
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17971929
Make sure that both ends match:
Start with output of "show cry is sa" - look for QM_IDLE
MM_NO_STATE is problems with ISAKMP phase I
   check pre-shared keys
   check peer IP address
   check transform sets match, ie. 3des/md5/group 2
   check timeouts match
   enable/disable keepalive both sides

"show cry ip sa" look for error packets, one-way communications (decrypts but no encrypts, or encrypts but no decrypts)  
Access-lists to define the VPN traffic (local lan) - (remote lans) are mirror images both sides
0
 
LVL 4

Author Comment

by:af500
ID: 17982986
double-checked all ipsec & isakmp paramaters...

show cry ip sa - I'm not seeing any traffic...

my network is 192.168.1.xxx however the IP range I have to use is 192.168.10.xxx - something else on the pix need to be changed?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18107902
Are you still working on this? Have you found a solution?
Sorry about not getting back around to this Q . .
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 4

Author Comment

by:af500
ID: 18230196
I ended up having to upgrade the IOS to the latest to resolve this.
0
 
LVL 4

Author Comment

by:af500
ID: 18230354
thanks
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18256712
PAQed with points refunded (90)

Computer101
EE Admin
0

Featured Post

Need protection from advanced malware attacks?

Look no further than WatchGuard's Total Security Suite, providing defense in depth against today's most headlining attacks like Petya 2.0 and WannaCry. Keep your organization out of the news with protection from known and unknown threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question