Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi I am getting the following errors when trying to ssh between 2 servers over the VPN tunnel. I see it is going out of my acl_inside access-list but I do not see it reaching the VPN acess list. There is no natting between the 2 ips.Thanks,# no natt...
Hi I am getting the following errors when trying to ssh between 2 servers over the VPN tunnel. I see it is going out of my acl_inside access-list but I do not see it reaching the VPN acess list. There is no natting between the 2 ips.# no natting fo...
Our l2l vpn connections have different MTU sizes. The VPn connection is established but I only get inbound traffice but no outbound traffic. Should the path mtu be 1400 or 150 for the VPN? 1400, ipsec overhead 60, media mtu 1500
Hi, Our other office just moved and we setup a the new VPN l2l connection for the new office with two PIX 515e hardware. I am run PIX 7.0(4). when I run show crypto ipsec sa, I see it is up, but I can not reach the servers on the other side. We did...
Gilbert For the time being, we have move the server to the DMZ and allow access over the internet.I will try to clear both crypto isa sa and ipsec sa, tomorrow. This will bring down the VPN tunnel, correct?THanks,Kaprino
Thanks all for the suggestions, So I was correct that I have all the necessary ACLs both inside and UK_ACL. From all the previous VPN changes,I never had to bring down the VPN tunnel, but it would be a good start.Thanks,Kaprino
Gilbert, I forgot mention to you we have setup the VPN tunnel over XO interface(backup T1to internet), instead of the default outside interface. So we need to route UK's network (10.2.0.0) over XO interface, instead of default outside. We were abl...
attached is teh runnig configaccess-list nonat extended permit ip 10.13.36.0 255.255.254.0 10.2.0.0 255.255.192.0here is out put from show crypto ipsec sa.PIX-FW# show crypto ipsec sainterface: XO Crypto map tag: XO_map, seq num: 40, local addr: X...
