09-13-2004 05:07 AM
Hi Dudes,
i have 2 pix 506e , when i am trying to establish vpn connection between 2 pix's
it is not happenig .
diagram
192.168.2.0------>pix 1 ----crosscable-----pix 2 <-------------192.168.3.0
192.168.10.0
i have no idea whatz happening between the two.
i can ping from one pix to other's outside interface and viceversa
i have attached my config.
can anybody advice me on what iam missing in my config
regds,
rajesh
09-13-2004 06:26 AM
Rajesh,
Looks like you're missing the match clause in your pix 1 configuration:
crypto map transam 1 match address 101
In order for an IPSEC tunnel to form, the ACLs on each peer must be identical - the match clause binds the ACL to the crypto map
So currently your ACLs don't match and therefore no tunnel! :)
Hope this helps,
Mike
09-13-2004 06:51 AM
I also had a quick look at this and agree with Mike that you don't have 'crypto map transam match address 101' on pix 1
Jay
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide