Re: Site-To-Site VPN between 7.1 (1) and 6.3 (5)

copperspeed · ‎09-17-2007

Can someone please look at my config and tell me what's wrong with it because i can't figure it.

I have been trying to create a site to site vpn without any luck. However, i have been successfully created a vpn for my clients.

Thanks in advance!!

Jon Marshall · ‎09-17-2007

Hi

I can't see any Phase 1 isakmp settings in your pix 6.3 config, ie you need

1) isakmp policy

2) isakmp key

3) isakmp enable

HTH

Jon

mfreijser · ‎09-18-2007

As said above, you are completely missing ISAKMP configuration. Try adding the following commands to your Pix with software version 6.3(5):

isakmp enable outside

isakmp identity address

isakmp policy 10 authentication pre-share

isakmp policy 10 encryption 3des

isakmp policy 10 hash sha

isakmp policy 10 group 2

isakmp policy 10 lifetime 86400

isakmp key **** address 71.4.148.xxx netmask 255.255.255.255

Notice that you should replace the **** with the same pre-shared key you configured on the PIX/ASA with software version 7.1(1)

Please rate the post if it's usefull to you!

Regards,

Michael