I have a PIX 515E firewall that has many site-to-site VPNs terminating on the outside interface of the PIX. I want to start utilizing some of the built-in IDS features of the PIX.
I configured the ip audit name (info and action) command and applied the names to the outside interface of the PIX with the ip audit interface command. After configuring the outside interface with the ip audit commands, the PIX immediately began dropping all site-to-site VPN connections terminating on the outside interface of the PIX firewall.
I always back up current configs and always have a back-out plan in place when I make any changes to our PIX firewalls. To back out of the problem ASAP, I immediately reloaded the PIX and in less than 20 seconds, the VPNs started reconnecting to the outside interface of the PIX.
What could have caused the VPNs to be abruptly dropped and stopped working? Is there a command that needs to be applied to the outside interface once the ip audit names are applied to the outside interface (like the "crypto map interface outside" command)?
Thanks.