Hi to all,
I have a PIX 506e (6.3.1), it works fine with site2site VPN from 3 years.
Last week ask me to make a new VPN with a brach office (I don't admin anything of the branch office), I create a classic VPN on my PIX (preshared key 3des sha), but it not works.
With command "sh crypto isakmp sa" I see the tunnel in QM_IDLE status like other VPNs, but traffic doesn't pass and the other adminstrator say me that it's firewall doesn't complete the authentications (is it possible?).
If I do command "sh crypto ipsec sa" I see the "send errors" what it's mean?
this the show
#pkts encaps: 0, #pkts encrypt: 0, #pkts digest 0
#pkts decaps: 0, #pkts decrypt: 0, #pkts verify 0
#pkts compressed: 0, #pkts decompressed: 0
#pkts not compressed: 0, #pkts compr. failed: 0, #pkts decompress failed: 0
#send errors 115, #recv errors 0
local crypto endpt.: 22.214.171.124, remote crypto endpt.: 126.96.36.199
path mtu 1500, ipsec overhead 0, media mtu 1500
current outbound spi: 0
inbound esp sas:
inbound ah sas:
inbound pcp sas:
outbound esp sas:
outbound ah sas:
outbound pcp sas:
local ident (addr/mask/prot/port): (172.17.1.232/255.255.255.255/0/0)
remote ident (addr/mask/prot/port): (172.16.0.0/255.255.0.0/0/0)
thnak a lot