04-15-2005 01:36 AM - edited 02-21-2020 12:05 AM
Hi to all,
I'm novice in using PIX 501. I want to establish Site to Site IPsec tunnel. I used the PDM (via https) to configure the tunnel. The problem is that I have errors as following :
#pkts no sa (send) 22
what it means?
Any help please. I'm blocked
Thanx
04-15-2005 11:46 AM
In my opinion, get out of the PDM; its a GUI Pipe dream. Understand the cli commands first before going in there.
Second attach your sh run so we can take a look. If I can't help, there is always someone in here that will be able to help you.
Frank
04-18-2005 01:36 AM
Thank you all, I used CLI commands to configure and it works ok.
The new problem is that I must use Authentication by address (isakmp identity address). My Pix is behind a router and it has a private address on his public interface i.e. :
Distant VPN Gateway <---> Internet <---> (Public IP) Router ADSL (Router Private IP 192.168.xx.xx) <----> (192.168.zz.zz) PIX (private sub-lan 192.168.yy.yy) <---> host
The problem is that pix gives to the other vpn gateway it's public ip 192.168.zz.zz which is not recognized by the remote VPN Gateway (it needs the publix IP of the router). Howcan I tell the PIX to use this IP ad identity address? I have used racoon for a short period and it offers this option.
Any help please?
Thanx
04-16-2005 10:21 AM
Additionally, refer to this link to setup the VPN tunnel correct via PDM. I agree with the other poster. I prefer CLI. Under the CLI commands first and then move to PDM.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide