Solved

VPN Help.

Posted on 2006-11-17
8
281 Views
Last Modified: 2013-11-16
I am working on building a site to site vpn between a pix 506 and a cisco vpn box however am having some trouble getting the tunnel setup. What are some troubleshooting tips?
0
Comment
Question by:af500
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 17971929
Make sure that both ends match:
Start with output of "show cry is sa" - look for QM_IDLE
MM_NO_STATE is problems with ISAKMP phase I
   check pre-shared keys
   check peer IP address
   check transform sets match, ie. 3des/md5/group 2
   check timeouts match
   enable/disable keepalive both sides

"show cry ip sa" look for error packets, one-way communications (decrypts but no encrypts, or encrypts but no decrypts)  
Access-lists to define the VPN traffic (local lan) - (remote lans) are mirror images both sides
0
 
LVL 4

Author Comment

by:af500
ID: 17982986
double-checked all ipsec & isakmp paramaters...

show cry ip sa - I'm not seeing any traffic...

my network is 192.168.1.xxx however the IP range I have to use is 192.168.10.xxx - something else on the pix need to be changed?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 18107902
Are you still working on this? Have you found a solution?
Sorry about not getting back around to this Q . .
0
Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

 
LVL 4

Author Comment

by:af500
ID: 18230196
I ended up having to upgrade the IOS to the latest to resolve this.
0
 
LVL 4

Author Comment

by:af500
ID: 18230354
thanks
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 18256712
PAQed with points refunded (90)

Computer101
EE Admin
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question