Changed Outside IP Address, VPN stopped working.

tmondoy · ‎12-02-2004

Using a 515e, 6.2 IOS with failover. We had to change the external IP address which went okay, users are able to get outside the firewall alright. VPN users are no longer able to get in. Was there something I needed to change on the VPN? Not using any certificates or pre shared secrets, just authentication through logon and password. VPN client used to work, now it just stops at "securing communications channel." Any ideas?

matthew.long · ‎12-03-2004

don't want to sound rude, but, you did get the VPN users to change the ip address in their client didn't you?

jmia · ‎12-03-2004

You need to change the external IP address on the vpn client to the new IP address that you have for your pix outside interface.

Jay

prasadrp · ‎12-03-2004

How about access-list on the border router. Have you taken care of the access-list to reflect the new ip address of the PIX outside interface and allowed the relevant VPN protocols to come in.

tmondoy · ‎12-03-2004

The vpn clients did change to the new ip address. There isn't an access-list on the border router.

tmondoy · ‎12-07-2004

Found commands to clear the sa's:

clear crypto ipsec sa

clear crypto isakmp

Works now.