LAN-to-LAN between PIX-515 and PIX-5252 --Urgent Help Required

Hi

I have setup LAN-LAN  tunne lbetween PIX-525 and PIX-515.The host 219..47.190.93/32  is behind PIX-525 and 912.168.243.0/24 is behind PIX-515.I cannot see the tunnel coming up .Also,I do" sh cry isakmp sa" nothing shows up.
 The configurations are attached.

Thanks in Advance
23508793-ee-PIX-525.txt
alimohammed72Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
AugustTenConnect With a Mentor Commented:
No you do not need an isakmp policy that match the transform set. They are independent and used in different phases of the negotiation.

But the ACL associated with the crypto map does not match, you specify a host on one side and a network on the other.

If this does not help, run "debug crypto isakmp" and "debug crypto ipsec" and attach the output here.
0
 
lrmooreCommented:
>crypto map outside_map 100 set transform-set ESP-3DES-SHA
You need an isakmp policy on each side that matches the transform-set
Example:

crypto isakmp policy 15
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
0
All Courses

From novice to tech pro — start learning today.