cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
974
Views
0
Helpful
1
Replies

Concentrator to PiX vpn setup problem

ty.masse
Level 1
Level 1

I'm trying to setup a LAN2Lan vpn setup to another company from our 3015 concentrator to their pix. The problem is that the tunnel comes up but no traffic can pass thru the tunnel. The internal interface of their pix where the traffic is originating from is a PAT address. My concentrator's public interface, (their peer) is on my PIX classic DMZ, and it's internal interface goes to my internal router which contains a static route that points their internal network to the internal interface of my concentrator so it can route out. We've already verified keys, des level, acl etc... As I said the tunnel has no problem coming up. But not traffic will pass thru it.

Any help would be greatly appreciated.

1 Reply 1

afakhan
Level 4
Level 4

Hi,

Make sure that your PIX classic, or any other device is not blocking ESP traffic.

Basically it looks like either an ACL blocking traffic and/or a routing issue.

To verify, where the issue is, you can look at the encrypts/decrypts on the two devices.

Thanks,

Afaq

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: