
PIX IDS and VPNs - IP Audit Commands with Site-to-Site VPNs

dlockerby
Level 1

I have a PIX 515E firewall that has many site-to-site VPNs terminating on the outside interface of the PIX. I want to start utilizing some of the built-in IDS features of the PIX.

I configured the ip audit name (info and action) command and applied the names to the outside interface of the PIX with the ip audit interface command. After configuring the outside interface with the ip audit commands, the PIX immediately began dropping all site-to-site VPN connections terminating on the outside interface of the PIX firewall.

I always back up current configs and always have a back-out plan in place when I make any changes to our PIX firewalls. To back out of the problem ASAP, I immediately reloaded the PIX, and in less than 20 seconds the VPNs started reconnecting to the outside interface of the PIX.

What could have caused the VPNs to be abruptly dropped and stop working? Is there a command that needs to be applied to the outside interface once the ip audit names are applied to the outside interface (like the "crypto map interface outside" command)?

Thanks.

1 Reply

jsivulka
Level 5

I could not find any bugs that might be relevant to this problem. It is likely that you are running into a configuration problem. Make sure that you enter the configuration command properly and in order. If the problem persists, saving your configuration and reloading the device might just work.
