Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
491
Views
0
Helpful
0
Replies

PIX 515 7.x - 3rd PIX & NAT-T breaks VPN

mikey777
Level 1
Level 1

‎07-02-2019 10:48 AM

Have several PIX 515's. I can cfg a l2l VPN between 2 of them (or ns5gt's) w/o a problem. To test NAT-T I have 3 PIX's in-line. PIX1-PIX2-PIX3. Traffic is generated from a PC hung off PIX1 to a PC hanging off PIX3. All is fine but NAT-T doesn't seem to work. I've used 'debug cry is 254' and Wireshark and cannot find why PIX3 complains; "can't find a valid tunnel-group, aborting". It appears that PIX3 sees this tunnel as coming from PIX2's NAT address, not PIX1. And then it doesn't find a tunnel group as the TG is defined as PIX1, not PIX2.

Also, where/if is the output to the debug documented, outside cisco that is ?

What is NAT-D ?

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card