Solved

LAN-to-LAN between PIX-515 and PIX-5252 --Urgent Help Required

Posted on 2008-06-23
2
278 Views
Last Modified: 2013-11-16
Hi

I have setup LAN-LAN  tunne lbetween PIX-525 and PIX-515.The host 219..47.190.93/32  is behind PIX-525 and 912.168.243.0/24 is behind PIX-515.I cannot see the tunnel coming up .Also,I do" sh cry isakmp sa" nothing shows up.
 The configurations are attached.

Thanks in Advance
23508793-ee-PIX-525.txt
0
Comment
Question by:alimohammed72
2 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 21854829
>crypto map outside_map 100 set transform-set ESP-3DES-SHA
You need an isakmp policy on each side that matches the transform-set
Example:

crypto isakmp policy 15
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
0
 
LVL 3

Accepted Solution

by:
AugustTen earned 500 total points
ID: 21854949
No you do not need an isakmp policy that match the transform set. They are independent and used in different phases of the negotiation.

But the ACL associated with the crypto map does not match, you specify a host on one side and a network on the other.

If this does not help, run "debug crypto isakmp" and "debug crypto ipsec" and attach the output here.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Network Infrastructure for Branch Office 16 88
Radius ASA Authentication Failed 4 48
Cisco IP NAT Translation not working 9 26
BGP Code 12 41
Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…
Delivering innovative fully-managed cloud services for mission-critical applications requires expertise in multiple areas plus vision and commitment. Meet a few of the people behind the quality services of Concerto.

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now