• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 893
  • Last Modified:

How to remove Site to site VPN - Cisco PIX

We have shut down 2 of our sites and I would like to take the site-to-site information out of the cisco pix. The following config is just the cryptomap and isakmp parts. Thanks.



sysopt connection tcpmss 1200
sysopt connection permit-ipsec
sysopt connection permit-pptp
crypto ipsec transform-set myset esp-des esp-md5-hmac
crypto map Example 20 ipsec-isakmp
crypto map Example 20 match address 120
crypto map Example 20 set peer IP ADDRESS 1
crypto map Example 20 set transform-set myset
crypto map Example 21 ipsec-isakmp
crypto map Example 21 match address 121
crypto map Example 21 set peer IP ADDRESS 2
crypto map Example 21 set transform-set myset
crypto map Example 22 ipsec-isakmp
crypto map Example 22 match address 122
crypto map Example 22 set peer IP ADDRESS 3
crypto map Example 22 set transform-set myset
crypto map Example 30 ipsec-isakmp
crypto map Example 30 match address 130
crypto map Example 30 set peer IP ADDRESS 4
crypto map Example 30 set transform-set myset
crypto map Example 31 ipsec-isakmp
crypto map Example 31 match address 131
crypto map Example 31 set peer IP ADDRESS 5
crypto map Example 31 set transform-set myset
crypto map Example 32 ipsec-isakmp
crypto map Example 32 match address 132
crypto map Example 32 set peer IP ADDRESS 6
crypto map Example 32 set transform-set myset
crypto map Example interface outside
isakmp enable outside
isakmp key ******** address IP ADDRESS 1 netmask 255.255.255.255
isakmp key ******** address IP ADDRESS 2 netmask 255.255.255.255
isakmp key ******** address IP ADDRESS 3 netmask 255.255.255.255
isakmp key ******** address IP ADDRESS 4 netmask 255.255.255.255
isakmp key ******** address IP ADDRESS 5 netmask 255.255.255.255
isakmp key ******** address IP ADDRESS 6 netmask 255.255.255.255
isakmp identity address
isakmp policy 1 authentication pre-share
isakmp policy 1 encryption des
isakmp policy 1 hash md5
isakmp policy 1 group 1
isakmp policy 1 lifetime 86400

Open in new window

0
j_crow1
Asked:
j_crow1
  • 3
  • 2
1 Solution
 
theB0FHCommented:
Hi Crow

Wht version are you running?

Can you try clear crypto isakmp sa and then rebooting?

TB
0
 
j_crow1Author Commented:
I dont want to delete all of them, just those 2 that arent in use anymore - I am running version 6.3
0
 
ccsistaffCommented:
Just put the keyword 'no' in front of each statement you don't need anymore.  

Example:

no crypto map Example 32 set peer IP ADDRESS 6
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
j_crow1Author Commented:
ccs:

I get type help or '?' for a list of available commands.
0
 
ccsistaffCommented:
you have to be in configuration mode for the PIX to accept the command.  After you login, type

conf t

then enter the no variants of the commands.
0
 
j_crow1Author Commented:
Thanks for the help!
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now