
07-16-2015 07:20 AM
I had two L2L tunnels connected to my ASA. Both far ends are a single customer, two offices, both with Sonicwalls.
The tunnel to each site was fine, then there came the need to have the two sites be able to talk, RTP for a new VoIP setup.
Updated the tunnels accordingly and had no issues, it all worked perfectly. Then I added PFS to the crypto, group 2, and the second SA dropped.
In other words, the two remote networks could not talk, but the SA from my ASA to each Sonicwall remained up.
I can't post the configs, but as long as I keep PFS out of the equation I have no issue. Is there something very general I'm missing or should be adding?
Wondering if anyone just has a thought or two on it, thank you!
Labels: Remote Access
Accepted Solutions
07-16-2015 03:45 PM
Have you tried upgrading to an up-to-date release? I remember some PFS-related bugs that were fixed in the past.

07-17-2015 07:19 AM
Good enough for me, it is verrrrrrrrrrry old code. And pretty inexplicable why it was happening. Thank you.
07-19-2015 06:41 AM
When you added PFS on your ASA, did the customer add PFS on their Sonicwalls? If the VPNs work fine without PFS and do not work when you add PFS, it suggests that perhaps it is not applied on the other end.
HTH
Rick
