01-26-2004 11:26 PM - edited 03-09-2019 06:14 AM
Dear Forum,
I am doing ezvpn between our HQ and the BO using network extension mode. Sometimes the HQ has no ipsec sa any more, but the BO still has one and thinks it is connected.
Wo can a sa get lost? The BO is disconnected by the ISP evry 24h :(
Best,
Christian
01-30-2004 08:06 AM
The PIX EzVPN client creates SA's from its outside interface to the remote subnet(s) for management purposes. With these you can ping from the PIX itself to anything on the remote subnets, and more importantly you can connect to the PIX outside interface securely from the remote subnets. If you are doing split tunnelling it will build one of these SA's from its outside interface to each remote network in the split tunnel list.
02-05-2004 06:33 AM
Hello,
could you explain a little more what you try to explain to me?
The pix is your client, but my problem is one the server.
Thank you!
Christian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide