Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
654
Views
0
Helpful
0
Comments

VPN tunnel fails to come up when the configuration is moved from PIX version 6.x to PIX/ASA version 7.x

TCC_2
Level 10
Level 10

‎06-17-2009 10:17 PM - edited ‎03-08-2019 06:02 PM

Core issue

VPN tunnel fails to come up if the configuration is moved from PIX version 6.x to PIX/ASA version 7.x. This issue can be related to the sysopt ipsec pl-compatible command.

When the sysopt ipsec pl-compatible command is used in version 6.x, all PIX firewall features, such as access list control, stateful inspection, and user authentication, are bypassed for IPsec packets only.

Note: The sysopt ipsec pl-compatible command is not supported on version 7.x.

Resolution

Use the no sysopt ipsec pl-compatible command in global configuration mode in order to remove sysopt ipsec pl-compatible from the configuration and resolve this issue.

Product Family

Firewall - PIX 500 series

ASA Hardware & Software

PIX Software Version

PIX version 6.x

PIX version 7.x

ASA Software Version

7.0

7.1

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents