PIX to IOS Site to site issue

Unanswered Question
Sep 13th, 2007

Hi friends,

A strange VPN issue with PIX 7.0 though not critical.

There is a site to site VPN tunnel between PIX and a Cisco IOS router. The tunnel should come up upon initiating traffic to a host on port 22.

When we telnet on port 22 to the host defined in interesting traffic, the tunnel DOES NOT come up. But if we ssh to it, it comes up.

Is there a solution to this? Or as a workaround, should we set up our interesting traffic to only include hosts and omit ports?

Thanks a lot


srue Thu, 09/13/2007 - 18:06

Crypto map ACLs should typically just contain hosts and not ports. Use standard interface ACLs to control what ports they can communicate on.
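A configuration sketch of the approach in the reply above, added here as an example and not taken from the original thread: the port-specific crypto ACL from the question next to a host-only crypto ACL with the port restriction moved to an interface ACL. All addresses, ACL names, the crypto map name and sequence number, and the interface name `inside` are constructed assumptions.

```cisco
! --- PIX 7.0, as described in the question: port-specific crypto ACL ---
! (constructed addresses: 10.1.1.10 = local host, 192.168.2.20 = remote host)
access-list CRYPTO_ACL extended permit tcp host 10.1.1.10 host 192.168.2.20 eq 22
crypto map VPN_MAP 10 match address CRYPTO_ACL

! --- PIX 7.0, per the reply: host-only crypto ACL ---
! The crypto ACL only selects which host pair is protected by the tunnel.
no access-list CRYPTO_ACL extended permit tcp host 10.1.1.10 host 192.168.2.20 eq 22
access-list CRYPTO_ACL extended permit ip host 10.1.1.10 host 192.168.2.20
crypto map VPN_MAP 10 match address CRYPTO_ACL

! Port control moves to an ordinary interface ACL on the interface where the
! local host's traffic enters the PIX. The implicit deny at the end of the ACL
! drops everything else from this interface, so add permits for any other
! traffic that must still pass.
access-list INSIDE_IN extended permit tcp host 10.1.1.10 host 192.168.2.20 eq 22
access-group INSIDE_IN in interface inside

! --- IOS router: the crypto ACL must mirror the PIX entry ---
! (source and destination swapped, same protocol scope)
ip access-list extended CRYPTO_ACL
 permit ip host 192.168.2.20 host 10.1.1.10
!
crypto map VPN_MAP 10 ipsec-isakmp
 match address CRYPTO_ACL
```

Both peers need matching (mirrored) crypto ACL entries; changing only one side leaves the proxy identities mismatched and phase 2 negotiation fails.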

