04-14-2003 01:31 PM - edited 02-20-2020 10:41 PM
We recently changed ISP and as a result had to change our IP addresses.
I made a note of the old addresses on the config and changed them to the new addresses this evening.
We can connect to the Internet, and the VPN clients connect to the PIX, but we can't connect to our other site (which worked fine before)
I have been told that the other site has made the correct changes, but we can't connect. We can both ping each others firewalls, but it has a problem connecting
What else can I check at our side? Is there something I'm missing? Something not shown in the config?
04-14-2003 02:38 PM
Hi,
crypto debugs would us here.
make sure that ur ISP is not blocking UDP 500 traffic.
Thx
Afaq
04-15-2003 12:47 AM
Our ISP say that they are not blocking the above and other protocols associated with VPN.
How do I check the crypto debugs?
04-15-2003 05:17 AM
I managed to get the debug crypto working, which showed the old IP outside ip address still listed.
I then spent the next 10 minutes trying to turn off the debug.
I did a quick search and found the command sho cry ipsec sa to show some more information and pointed towards the crypto map settings.
Even though the following line was listed in my config, I retyped it and this solved the problem
crypto map mymap interface outside
Thanks for your help
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide