I'm trying to set up a branch office VPN. I'm using a PIX-506e, my peer is a PIX-515. I've attached my (sanitized) configuration, and there's an equivalent one in the 515.
BO1 Inside: 192.168.0.0
BO2 Inside: 220.127.116.11
We cannot establish a Security Association. We can, of course, ping each other's outside addresses.
Two initial questions:
1. Can someone see anything obviously wrong?
2. The command "clear isakmp sa" breaks any existing sas; is there a command that forces one PIX to attempt to form a SA with its peer?
Thanks in advance,