04-04-2007 10:59 AM - edited 02-21-2020 02:57 PM
I have a working IPsec tunnel between a PIX version 6.4 PIX 7.0 the problem is if the tunnel goes down for any reason only traffic coming from the PIX ver 7.0 side will bring the tunnel back, no traffic from the PIX ver 6.4 side will bring up the tunnel.
Once the tunnel is up everything works fine.
isakmp nat-transveral is enabled on both sides.
Any ideas would be appreciated.
Thanks
KLW
04-10-2007 06:36 AM
I think you have not defined interesting traffic from the PIX 6.4. You can issue the write terminal command on the PIX, and find the match address command under the crypto map for the connection. The Access Control List (ACL) that this command refers to specifies the interesting traffic.
04-10-2007 06:41 AM
Thanks for the response.
I belive the access-list command is defined correctly otherwise i don't think the tunnel would come up at all. The access-list on the 6.4 side is a mirror of the one on the 7.0 side which i belive is as it should be.
KLW
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide