
PIX VPN tunnel

sikkander
Level 1

Folks

We have built a site-to-site VPN from a PIX 515 to a Linux VPN server. Today I noticed a strange problem. When I check "sh isakmp sa", it doesn't show any VPN tunnel, but I am able to access the apps over the VPN tunnel. The tunnel is up but doesn't show up in the "sh isakmp sa" output.

Have you people faced a similar problem? Please provide your inputs on this.

Cheers

SS

2 Replies

ehirsel
Level 6

My two thoughts are:

1. You have PIXes in a failover config and you ran the command on the standby instead of the active unit, or

2. You are accessing the apps, but not via IPSec VPN.

At the Linux VPN server, display the status of the ISAKMP and IPSec SAs and see what it has to say.

Hi!!

Thanks for your reply.

The PIX box I am talking about is in standalone mode & it is not in failover mode.

When I check "sh ipsec sa", the encrypted/decrypted packets increase & this suggests the traffic flows through the VPN tunnel.

Sometimes the SA shows up when I issue the command "sh isakmp sa" & sometimes it doesn't show up. When I issue the debug command, I see re-negotiation of tunnels happening.

Any clue why this is happening?

Thanks

SS