01-03-2007 08:13 AM - edited 02-21-2020 02:47 PM
Hi
I'm setting up a site to site VPN between 2 new devices (ASA 5100 and PIX 501). I've been thru the wizards on both devices but cannot get IP traffic between them. Any help would be greatly appreciated
Thanks Rex
01-03-2007 09:25 AM
Hello,
Verify your peers since on your ASA you are specifying the peer as 193.238.166.50 (crypto map outside_map 20 set peer 193.238.166.50). However, on your Pix the outside IP is set to 10.71.135.4.
Regards
Pradeep
01-04-2007 03:50 AM
Thanks for the reply Pradeep.
We are given IP addresses in the range 10.71.135.x by our ISP which they NAT to a public IP (193.238.166.50 in this case) as needed. I think the tunnel is setting itself up correctly as both PDM (on 501) and ADSM (on ASA) both report that there is an active IKE tunnel. I've included some of the syslogs from the ASA if this helps.
Thanks, Rex
01-04-2007 05:00 AM
Rex,
Can you also send the output of "sh crypto ipsec sa peer
Regards
Pradeep
01-04-2007 06:43 AM
01-08-2007 04:58 AM
I eventually sorted the issue by deleting and recreating the VPNs using the wizards and by setting up static routes on the remote servers we were trying to get to to get back to originating network.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide