02-15-2006 06:48 AM - edited 02-21-2020 02:15 PM
Hello,
I have a pix 506 with multi VPN, but with one, the tunnel is OK but it create multi time and i have the error on the bebug view :
ISAMKP (0): received DPD_R_U_THERE from peer FWCS
ISAMKP (0): DPD_R_U_THERE: received seq_no 296113268 out of range, expected 229004405
I can have 10 and more tunnel (sho cryp isa sa ) for the same peer.
Pascal.
02-21-2006 08:09 AM
I am afraid whether it is possible to set up the VPN failover the way you need with a 506 at this time. It is a possibility for any pix that you can load version 7.0 on. Right now that would be for the 515's and higher. 7.0 software has the ability to re-route traffic on the outside interface. So better, you first verify with this issue.
02-21-2006 10:16 PM
Hi
PIX 506 E supports 25 site 2 site or remote access tunnels at a single point of time. I would request you to kindly upload the config of PIX along with the full debug messages, so that we can have a look at it.
thanks and regards
aashish C
03-02-2006 09:23 PM
Hi,
I would suggest that have you applied proper access-list on each site 2 site VPN ISAKMP configuration. If you have 3 site 2 site VPN, make sure that proper access-list is defined so that appropriate traffic is generated and tunnel is formed.
Regards,
Rakshit
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide