07-05-2007 02:18 PM - edited 02-21-2020 03:08 PM
i'm setting up ipsec vpn (site-to-site) between a pix 525 and a 3660 for the first time. i'm setting this up in a lab
environment. i have set up static ips only for simplicity. from the pix 525, i can ping up to 3660's 172.17.63.230 but not the LAN IP of 10.2.2.1. what do i need to do ? any help is much appreciated. thank you.
topology:
pix 525 -- r1 -- r2 -- 3660
topology with the IPs:
<10.1.1.1> pix 525 <172.17.63.213> -- <172.17.63.209> r1 <12.1.1.1> -- <12.1.1.2> r2 <172.17.63.225> -- <172.17.63.230> 3660 <10.2.2.1>
07-05-2007 11:45 PM
Hi
Could you post the config for r2.
Also on a more general note. Setting up IPSEC VPN's to get experience with them is a lot easier if you have hosts on either LAN rather than trying to ping between the 2 IPSEC peer gateways.
Jon
07-06-2007 02:11 AM
Hi,
I think in Pix525 we have to add another command also. Please try this command "sysopt connection permit-ipsec" in config mode.
Cheers,
Krishna.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: