Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
459
Views
0
Helpful
2
Replies

FreeSwan - PIX no ping answer

jmondaca
Level 1
Level 1

‎05-16-2003 10:45 AM - edited ‎02-20-2020 10:44 PM

I have already established a VPN connection from a FreeSwan box to my PIX but the remote end can not ping or access my network.

The config is like this:

access-list 200 permit ip host x.x.x.x y.y.y.y 255.255.255.0 (hitcnt=0)

access-list 210 permit ip host x.x.x.x y.y.y.y 255.255.255.0 (hitcnt=14)

nat (inside) 0 access-list 200

Crypto Map "newmap" 20 ipsec-isakmp

Peer = yy.yy.yy.yy

access-list 210; 1 elements

access-list 210 permit ip host x.x.x.x y.y.y.y 255.255.255.0 (hitcnt=14)

Current peer: yy.yy.yy.yy

Security association lifetime: 4608000 kilobytes/28800 seconds

PFS (Y/N): N

Transform sets={ myset, }

Any ideas?

Thank you.

0 Helpful
2 Replies 2

ebreniz
Level 6
Level 6

‎05-22-2003 11:46 AM

It is hard for me to tell where the problem could be. Generally, check the following:

1. Are you allowing ICMP echo and echo reply packets through the PIX?

2. Is your VPN up and running? That is, does all your transform sets match and the access-lists are mirrored at both the ends.

3. Check if the routing is working. You may check this before configuring VPN.

0 Helpful

jmondaca
Level 1
Level 1
In response to ebreniz

‎05-22-2003 12:36 PM

Hi,

I had to change from SHA to MD5 and everything worked fine.

Thank you.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card