Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
534
Views
3
Helpful
1
Replies

515-E VPN clear crypto isakmp sa

sean.phan
Level 1
Level 1

‎10-02-2007 03:31 AM

Hi,

i have a pair of VPN connection from PIX515-E, after issuing the command:

clear crypto isakmp sa

now none of the VPN tunnels come backup again and show isakmp sa - show something like this

mbryonic : 0

dst src state pending created

x.x.x.x x.x.x.x QM_IDLE 0 0

with QM_IDLE status but can not be created (0)

and then a little while later it disappears and this process keeps repeating

show logs on the PIX-515E i am still seeing trafic hitting the firewall.

Reboot peer FW dfoes not sold the problem. What could be likely be the issue ?

Labels:
0 Helpful
1 Reply 1

ajagadee
Cisco Employee
Cisco Employee

‎10-02-2007 04:33 AM

Hi,

Can you post the cry isakmp and deb cry ipsec debugs from both the pixes.

Regards,

Arul

Customers Also Viewed These Support Documents