12-02-2004 05:22 PM - edited 02-21-2020 01:29 PM
Using a 515e, 6.2 IOS with failover. We had to change the external IP address which went okay, users are able to get outside the firewall alright. VPN users are no longer able to get in. Was there something I needed to change on the VPN? Not using any certificates or pre shared secrets, just authentication through logon and password. VPN client used to work, now it just stops at "securing communications channel." Any ideas?
12-03-2004 04:44 AM
don't want to sound rude, but, you did get the VPN users to change the ip address in their client didn't you?
12-03-2004 04:56 AM
You need to change the external IP address on the vpn client to the new IP address that you have for your pix outside interface.
Jay
12-03-2004 04:57 AM
How about access-list on the border router. Have you taken care of the access-list to reflect the new ip address of the PIX outside interface and allowed the relevant VPN protocols to come in.
12-03-2004 09:35 AM
The vpn clients did change to the new ip address. There isn't an access-list on the border router.
12-07-2004 05:34 PM
Found commands to clear the sa's:
clear crypto ipsec sa
clear crypto isakmp
Works now.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide