
PIX VPN won't re-establish when peer IP has changed.

d.bigerstaff
Level 1

I have a PIX501 at a remote site (213.x.x.186).

I had to install a Linksys VPN router at another remote site and VPN between the two.

I configured the Linksys in my office on a static IP (84.x.x.14) and remotely configured the PIX; I got these working fine.

I have since installed the Linksys at the other remote site and changed the static IP (213.x.x.235).

On the PIX I reconfigured:

crypto map transam 1 set peer 213.x.x.235

isakmp key ******** address 213.x.x.235 netmask 255.255.255.255 no-xauth no-config-mode.

On the PIX, "show crypto ipsec sa" shows:

interface: outside

Crypto map tag: transam, local addr. 213.x.x.186

local ident (addr/mask/prot/port): (10.0.0.0/255.255.255.0/0/0)

remote ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)

current_peer: 84.x.x.14:500

PERMIT, flags={origin_is_acl,}

#pkts encaps: 88, #pkts encrypt: 88, #pkts digest 88

#pkts decaps: 83, #pkts decrypt: 83, #pkts verify 83

#pkts compressed: 0, #pkts decompressed: 0

#pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0

#send errors 0, #recv errors 0

local crypto endpt.: 213.x.x.186, remote crypto endpt.: 84.x.x.14

path mtu 1500, ipsec overhead 56, media mtu 1500

current outbound spi: 0

inbound esp sas:

inbound ah sas:

inbound pcp sas:

outbound esp sas:

outbound ah sas:

outbound pcp sas:

This output shows the connection to my office still, and the Linksys connected in the remote site will not re-establish a connection.

show crypto isakmp sa shows:

Total : 1

Embryonic : 0

dst src state pending created

213.x.x.186 213.x.x.235 QM_IDLE 0 0

I've tried clearing this entry with "clear crypto ipsec sa peer" and it will not disappear and reestablish with the new configuration.

Can anyone throw me some suggestions?

2 Replies

Kamal Malhotra
Cisco Employee

Hi,

When you do 'show crypto map' you should see something like:

crypto map transam interface

Do a

no crypto map transam interface

and

crypto map transam interface

It should resolve the problem. Please do not forget to clear the SAs.

HTH,

Kamal

Thanks for your help,

The issue actually turned out to be my boss changing the local subnet on the Linksys to be 192.168.101.0, when it was initially 192.168.1.0.

I only changed the access-lists on the PIX but also needed to change local secure group on the PIX.

Thanks anyways mate.
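
Added example, not part of the thread and not Cisco or Linksys code: a small Python check that reads the "show crypto ipsec sa" fields quoted in the first post and compares them with the far end's settings, which surfaces both the stale peer and the subnet mismatch that turned out to be the cause. The function and parameter names are hypothetical, and the /24 mask on 192.168.101.0 is an assumption, since the thread does not state it.

```python
import ipaddress
import re

# Constructed sample: the relevant lines of "show crypto ipsec sa" from the first post.
SHOW_IPSEC_SA = """\
   local ident (addr/mask/prot/port): (10.0.0.0/255.255.255.0/0/0)
   remote ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)
   current_peer: 84.x.x.14:500
   current outbound spi: 0
"""

IDENT_RE = re.compile(
    r"^\s*(local|remote)\s+ident\s.*?:\s*\(([\d.]+)/([\d.]+)/\d+/\d+\)", re.M)
PEER_RE = re.compile(r"^\s*current_peer:\s*(\S+?)(?::\d+)?\s*$", re.M)
SPI_RE = re.compile(r"^\s*current outbound spi:\s*([0-9a-fA-F]+)", re.M)


def parse_sa(text):
    """Pull proxy identities, current peer and outbound SPI out of the output."""
    sa = {side: ipaddress.ip_network(f"{addr}/{mask}")
          for side, addr, mask in IDENT_RE.findall(text)}
    sa["peer"] = PEER_RE.search(text).group(1)
    sa["spi"] = int(SPI_RE.search(text).group(1), 16)
    return sa


def check_tunnel(text, configured_peer, far_local, far_remote):
    """List mismatches between one SA entry and the far end's settings.

    far_local / far_remote are the far-end router's local and remote subnets
    (hypothetical parameter names, CIDR strings).
    """
    sa = parse_sa(text)
    problems = []
    if sa["peer"] != configured_peer:
        problems.append(f"current_peer is {sa['peer']}, configured peer is {configured_peer}")
    # Phase 2 selectors must mirror: our remote ident is their local subnet.
    if sa.get("remote") != ipaddress.ip_network(far_local):
        problems.append(f"remote ident {sa.get('remote')} != far-end local {far_local}")
    if sa.get("local") != ipaddress.ip_network(far_remote):
        problems.append(f"local ident {sa.get('local')} != far-end remote {far_remote}")
    if sa["spi"] == 0:
        problems.append("outbound SPI is 0: no IPsec SA is up for this entry")
    return problems


if __name__ == "__main__":
    # /24 on 192.168.101.0 is an assumption; the thread gives no mask for it.
    for p in check_tunnel(SHOW_IPSEC_SA, "213.x.x.235", "192.168.101.0/24", "10.0.0.0/24"):
        print(p)
```

Run against the output from the first post, it reports the old peer address, the remote ident that no longer matches the Linksys LAN, and the zero outbound SPI.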