About wiccisco

wiccisco · 05-29-2002

I am attempting to connect 50 remote sites to our main office PIX 515E using PIX 501s at the remote sites. I have two sites up and working fine. When I issue the command SHOW CRYPTO ENGINE is see: Crypto Engine Connection Map: size = 8, free = 4, use...

wiccisco · 05-28-2002

I am attempting to connect 50 remote sites to our main office PIX 515E using PIX 501s at the remote sites. I have two sites up and working fine. When I issue the command SHOW CRYPTO ENGINE is see:Crypto Engine Connection Map: size = 8, free = ...

wiccisco · 05-29-2002

You have an ACL associated with the IPSEC tunnel, like below:access-list IPSec34 deny IP HOST 192.168.30.10 anyaccess-list IPSec34 permit ip any {to Cisco VPN 3000 address}crypto map mymap 34 ipsec-isakmpcrypto map mymap 34 match address IPSec34 cryp...

wiccisco · 05-29-2002

I see your problem. I myself have seen a delay of 5 to 10 seconds in the tunnel creation even with interesting traffic. This could be a timing issue. Several logon attempts fail? None of that traffic seems interesting?Issue SHOW CRYPTO IPSEC SALo...

wiccisco · 05-29-2002

He is refering to your access list used on your crypto map statement.access-list IPsecAL permit ip any 172.16.4.0 255.255.255.0crypto map yourmap 136 match address IPsecALNot the ANY on the access-list statement sends all traffic from inside your net...

wiccisco · 05-29-2002

I hope by now you have found the answer but if not check your ACLs for allowing PING. Setup a CONDUIT to allow all ICMP or something. There is also a command called DEBUG ICMP TRACE I have found useful for allowing me to see if the ping is at least...

wiccisco · 05-29-2002

I am not sure I understand your question but we don't use NAT at our remote facilities. The remote facilities all have 172.16.x.x addresses which are NAT 0 in the PIX 501 at the remote site and pulled into the tunnel and pop out at the central locat...

Member Since	‎05-28-2002 01:42 PM
Date Last Visited	‎01-02-2024 04:24 AM
Posts	10

User Statistics

User Activity

PIX 515E needs site to site with 50 sites

PIX 515 6.1 Attempting 50 site-to-site tunnels

Re: Someone has got to know this!!!

Re: PIX2PIX IPSec NT Domain Login Failure

Re: PIX 501 do you know this...?

Re: PIX to PIX VPN

Re: VPN's and the NAT problem