Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
371
Views
0
Helpful
2
Replies

PIX 515E/VPN3000 issue

ddunk0077
Level 1
Level 1

‎07-20-2005 12:13 PM - edited ‎02-21-2020 12:17 AM

Hi,

I have a PIX 515E connected to a 3725 router (Crossover) and my VPN 3000 sitting on my DMZ (NAT).

When i look at my VPN tunnel, it shows as being up with it's peer. But i am unable to get traffic across the tunnel. I can do a trace route inside my network that goes right to the 3000 and dies....

the 3000 sits on the DMZ which has NATed addresses.

I have check everything, so i was wondering if anyone might have something else for me to check....

thanks,

0 Helpful
2 Replies 2

vasthorvak
Level 1
Level 1

‎07-20-2005 01:33 PM

Can you clearify what is building you vpn tunnels? From what I understand you have a 3725 connected to one pix interface (guessing the inside) and a vpn concentrator on a dmz. Are you building a vpn tunnel between the two? If so that is unusual because there is no need to encrypt just between the pix. I am sure I am missing something here so please clarify. If this is correct then do Nat exemption instead of NAT which might fix your issue. If not it will make troubleshooting easier. Also look at your syslogs and do debugs to see why it is not working. isakmp key neg problem etc.

0 Helpful

ddunk0077
Level 1
Level 1
In response to vasthorvak

‎07-26-2005 01:01 PM

Thanks for replying; No the 3725 is the Internet router (Outside); cross over into a PIX 515E, sitting on my DMZ where i have the 3000 which is building a VPN tunnel with another 3000 in Indiana. I have NAT enabled on my DMZ...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card